tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clean up the 'api setup' command 

refs #9471
This commit is contained in:
Gunnar Beutner 2015-10-22 15:56:27 +02:00
parent d618762dad
commit f31837a6ba
5 changed files with 36 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/cli/apisetupcommand.cpp
View File

@ -55,21 +55,10 @@ int ApiSetupCommand::GetMaxArguments(void) const
*/ */
int ApiSetupCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const int ApiSetupCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
{ {
/* 1. generate CA & signed certificate if (!ApiSetupUtility::SetupMaster(Utility::GetFQDN()))
* 2. update password inside api-users.conf for the "root" user return 1;
* TODO:
* - setup the api on a client?
*/
int result = ApiSetupUtility::SetupMaster(Utility::GetFQDN());
if (result > 0) {
Log(LogCritical, "ApiSetup", "Error occured. Bailing out.");
return result;
}
std::cout << "Done.\n\n"; std::cout << "Done.\n\n";
std::cout << "Now restart your Icinga 2 daemon to finish the installation!\n\n"; std::cout << "Now restart your Icinga 2 daemon to finish the installation!\n\n";
return 0; return 0;

48
lib/cli/apisetuputility.cpp
View File

@ -43,33 +43,36 @@ String ApiSetupUtility::GetConfdPath(void)
return Application::GetSysconfDir() + "/icinga2/conf.d"; return Application::GetSysconfDir() + "/icinga2/conf.d";
} }
int ApiSetupUtility::SetupMaster(const String& cn) bool ApiSetupUtility::SetupMaster(const String& cn)
{ {
/* if the 'api' feature is enabled we can safely assume /* if the 'api' feature is enabled we can safely assume
* that either 'api setup' was run, or the user manually * that either 'api setup' was run, or the user manually
* enabled the api including all certificates e.g. by 'node wizard' in <= v2.3.x * enabled the api including all certificates e.g. by 'node wizard' in <= v2.3.x
*/ */
if (FeatureUtility::CheckFeatureEnabled("api")) { if (FeatureUtility::CheckFeatureEnabled("api")) {
Log(LogInformation, "cli") Log(LogInformation, "cli", "'api' feature already enabled, skipping feature enable and master certificate creation.");
<< "'api' feature already enabled, skipping feature enable and master certificate creation.\n"; return false;
return 0;
} }
SetupMasterCertificates(cn); if (!SetupMasterCertificates(cn))
SetupMasterApiUser(cn); return false;
SetupMasterEnableApi(cn);
return 0; if (!SetupMasterApiUser())
return false;
if (!SetupMasterEnableApi())
return false;
return true;
} }
int ApiSetupUtility::SetupMasterCertificates(const String& cn) bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
{ {
Log(LogInformation, "cli") Log(LogInformation, "cli")
<< "Generating new CA.\n"; << "Generating new CA.\n";
if (PkiUtility::NewCa() > 0) { if (PkiUtility::NewCa() > 0)
Log(LogWarning, "cli", "Found CA, skipping and using the existing one."); Log(LogWarning, "cli", "Found CA, skipping and using the existing one.");
}
String pki_path = PkiUtility::GetPkiPath(); String pki_path = PkiUtility::GetPkiPath();
Utility::MkDirP(pki_path, 0700); Utility::MkDirP(pki_path, 0700);
@ -95,7 +98,7 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn)
if (PkiUtility::NewCert(cn, key, csr, "") > 0) { if (PkiUtility::NewCert(cn, key, csr, "") > 0) {
Log(LogCritical, "cli", "Failed to create certificate signing request."); Log(LogCritical, "cli", "Failed to create certificate signing request.");
return 1; return false;
} }
/* Sign the CSR with the CA key */ /* Sign the CSR with the CA key */
@ -109,11 +112,10 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn)
if (PkiUtility::SignCsr(csr, cert) != 0) { if (PkiUtility::SignCsr(csr, cert) != 0) {
Log(LogCritical, "cli", "Could not sign CSR."); Log(LogCritical, "cli", "Could not sign CSR.");
return 1; return false;
} }
/* Copy CA certificate to /etc/icinga2/pki */ /* Copy CA certificate to /etc/icinga2/pki */
String ca_path = PkiUtility::GetLocalCaPath(); String ca_path = PkiUtility::GetLocalCaPath();
String ca = ca_path + "/ca.crt"; String ca = ca_path + "/ca.crt";
String ca_key = ca_path + "/ca.key"; String ca_key = ca_path + "/ca.key";
@ -147,12 +149,12 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn)
} }
} }
return 0; return true;
} }
int ApiSetupUtility::SetupMasterApiUser(const String& cn) bool ApiSetupUtility::SetupMasterApiUser(void)
{ {
String api_username = "root"; //TODO make this available as cli parameter? String api_username = "root"; // TODO make this available as cli parameter?
String api_password = RandomString(8); String api_password = RandomString(8);
String apiuserspath = GetConfdPath() + "/api-users.conf"; String apiuserspath = GetConfdPath() + "/api-users.conf";
@ -189,16 +191,16 @@ int ApiSetupUtility::SetupMasterApiUser(const String& cn)
<< boost::errinfo_file_name(apiuserspathtmp)); << boost::errinfo_file_name(apiuserspathtmp));
} }
return 0; return true;
} }
int ApiSetupUtility::SetupMasterEnableApi(const String& cn) bool ApiSetupUtility::SetupMasterEnableApi(void)
{ {
Log(LogInformation, "cli", "Enabling the ApiListener feature.\n"); Log(LogInformation, "cli", "Enabling the ApiListener feature.\n");
std::vector<std::string> enable; std::vector<std::string> features;
enable.push_back("api"); features.push_back("api");
FeatureUtility::EnableFeatures(enable); FeatureUtility::EnableFeatures(features);
return 0; return true;
} }

8
lib/cli/apisetuputility.hpp
View File

@ -37,11 +37,11 @@ namespace icinga
class I2_CLI_API ApiSetupUtility class I2_CLI_API ApiSetupUtility
{ {
public: public:
static int SetupMaster(const String& cn); static bool SetupMaster(const String& cn);
static int SetupMasterCertificates(const String& cn); static bool SetupMasterCertificates(const String& cn);
static int SetupMasterApiUser(const String& cn); static bool SetupMasterApiUser(void);
static int SetupMasterEnableApi(const String& cn); static bool SetupMasterEnableApi(void);
static String GetConfdPath(void); static String GetConfdPath(void);

4
lib/cli/nodesetupcommand.cpp
View File

@ -145,10 +145,10 @@ int NodeSetupCommand::SetupMaster(const boost::program_options::variables_map& v
} }
Log(LogInformation, "cli", "Generating master configuration for Icinga 2."); Log(LogInformation, "cli", "Generating master configuration for Icinga 2.");
ApiSetupUtility::SetupMasterApiUser(cn); ApiSetupUtility::SetupMasterApiUser();
if (!FeatureUtility::CheckFeatureEnabled("api")) { if (!FeatureUtility::CheckFeatureEnabled("api")) {
ApiSetupUtility::SetupMasterEnableApi(cn); ApiSetupUtility::SetupMasterEnableApi();
} else { } else {
Log(LogInformation, "cli") Log(LogInformation, "cli")
<< "'api' feature already enabled.\n"; << "'api' feature already enabled.\n";

4
lib/cli/nodewizardcommand.cpp
View File

@ -464,10 +464,10 @@ wizard_ticket:
} }
std::cout << ConsoleColorTag(Console_Bold) << "Generating master configuration for Icinga 2.\n" << ConsoleColorTag(Console_Normal); std::cout << ConsoleColorTag(Console_Bold) << "Generating master configuration for Icinga 2.\n" << ConsoleColorTag(Console_Normal);
ApiSetupUtility::SetupMasterApiUser(cn); ApiSetupUtility::SetupMasterApiUser();
if (!FeatureUtility::CheckFeatureEnabled("api")) if (!FeatureUtility::CheckFeatureEnabled("api"))
ApiSetupUtility::SetupMasterEnableApi(cn); ApiSetupUtility::SetupMasterEnableApi();
else else
std::cout << "'api' feature already enabled.\n"; std::cout << "'api' feature already enabled.\n";