icinga-cert-service 0.18.4

data/lib/cert-service/configure_icinga.rb

@@ -0,0 +1 @@
+ 

data/lib/cert-service/download.rb

@@ -0,0 +1,24 @@
+
+module IcingaCertService
+  # Client Class to create on-the-fly a certificate to connect automaticly as satellite to an icinga2-master
+  #
+  #
+  module Download
+
+    # allows you to download a static file which is stored in the directory assets
+    #
+    # currently only 'icinga2_certificates.sh'
+    #
+    def download(params)
+
+      file_name        = validate( params, required: true, var: 'file_name', type: String )
+      request          = validate( params, required: true, var: 'request', type: Hash )
+
+      whitelist = ['icinga2_certificates.sh']
+
+      return { status: 500, message: 'file are unknown' } unless( whitelist.include?(file_name) )
+
+      { status: 200, path: format('%s/assets', @base_directory), file_name: file_name }
+    end
+  end
+end

data/lib/cert-service/endpoint_handler.rb

@@ -0,0 +1,98 @@
+
+module IcingaCertService
+  # Client Class to create on-the-fly a certificate to connect automaticly as satellite to an icinga2-master
+  #
+  #
+  module EndpointHandler
+
+    # add a Endpoint for distributed monitoring to the icinga2-master configuration
+    #
+    # @param [Hash, #read] params
+    # @option params [String] :host
+    #
+    # @example
+    #    add_endpoint( host: 'icinga2-satellite' )
+    #
+    # @return [Hash, #read] if config already created:
+    #  * :status [Integer] 204
+    #  * :message [String] Message
+    #
+    # @return nil if successful
+    #
+    def add_endpoint(params)
+
+      host      = validate( params, required: true, var: 'host', type: String )
+      satellite = validate( params, required: false, var: 'satellite', type: Boolean ) || false
+
+      return { status: 500, message: 'no hostname to create an endpoint' } if host.nil?
+
+      # add the API user
+      #
+      add_api_user(params)
+
+      # add the zone object
+      #
+      ret = add_zone(host)
+
+      # logger.debug( ret )
+
+      if( satellite )
+        file_name      = '/etc/icinga2/zones.conf'
+      else
+        zone_directory = format('/etc/icinga2/zones.d/%s', host)
+        file_name      = format('%s/%s.conf', zone_directory, host)
+
+        begin
+          FileUtils.mkpath(zone_directory) unless File.exist?(zone_directory)
+        rescue
+
+        end
+      end
+
+      if( File.exist?(file_name) )
+
+        file     = File.open(file_name, 'r')
+        contents = file.read
+
+        regexp_long = / # Match she-bang style C-comment
+          \/\*          # Opening delimiter.
+          [^*]*\*+      # {normal*} Zero or more non-*, one or more *
+          (?:           # Begin {(special normal*)*} construct.
+            [^*\/]      # {special} a non-*, non-\/ following star.
+            [^*]*\*+    # More {normal*}
+          )*            # Finish "Unrolling-the-Loop"
+          \/            # Closing delimiter.
+        /x
+        result = contents.gsub(regexp_long, '')
+
+        scan_endpoint = result.scan(/object Endpoint(.*)"(?<endpoint>.+\S)"/).flatten
+
+        return { status: 200, message: format('the configuration for the endpoint %s already exists', host) } if( scan_endpoint.include?(host) == true )
+      end
+
+      logger.debug(format('i miss an configuration for endpoint \'%s\'', host))
+
+      begin
+
+        result = write_template(
+          template: 'templates/zones.d/endpoint.conf.erb',
+          destination_file: file_name,
+          environment: {
+            host: host
+          }
+        )
+
+        create_backup
+
+        # logger.debug( result )
+      rescue => error
+
+        logger.debug(error)
+      end
+
+      { status: 200, message: format('configuration for endpoint \'%s\' has been created', host) }
+
+    end
+
+  end
+end

data/lib/cert-service/executor.rb

@@ -0,0 +1,34 @@
+
+require 'open3'
+
+module IcingaCertService
+  # SubModule to execute some commands
+  #
+  #
+  module Executor
+
+    # execute system commands with a Open3.popen2() call
+    #
+    # @param [Hash, #read] params
+    # @option params [String] :cmd
+    #
+    # @return [Hash, #read]
+    #  * :exit [Integer] Exit-Code
+    #  * :message [String] Message
+    def exec_command( params )
+
+      cmd = params.dig(:cmd)
+
+      return { code: 1, message: 'no command found' } if( cmd.nil? )
+
+      result = {}
+
+      Open3.popen2( cmd ) do |_stdin, stdout_err, wait_thr|
+        return_value = wait_thr.value
+        result = { code: return_value.success?, message: stdout_err.gets }
+      end
+
+      result
+    end
+  end
+end

data/lib/cert-service/in-memory-cache.rb

@@ -0,0 +1,43 @@
+
+module IcingaCertService
+
+  # small in-memory Cache
+  #
+  module InMemoryDataCache
+
+    # create a new Instance
+    #
+    def initialize
+      @storage = {}
+    end
+
+    # save data
+    #
+    # @param [String, #read] id
+    # @param [misc, #read] data
+    #
+    def save(id, data)
+      @storage ||= {}
+      @storage[id] ||= {}
+      @storage[id] = data
+    end
+
+    # get data
+    #
+    # @param [String, #read] id
+    #
+    def find_by_id(id)
+      if( !@storage.nil? )
+        @storage.dig(id) || {}
+      else
+        {}
+      end
+    end
+
+    # get all data
+    #
+    def entries
+      @storage
+    end
+  end
+end

data/lib/cert-service/templates.rb

@@ -0,0 +1,62 @@
+
+module IcingaCertService
+  # Client Class to create on-the-fly a certificate to connect automaticly as satellite to an icinga2-master
+  #
+  #
+  module Templates
+
+    # write files based on a template
+    #
+    # @param [Hash, #read] params
+    # @option params [String] :template
+    # @option params [String] :destination_file
+    # @option params [Hash] :environment
+    #
+    # @example
+    #   write_template(
+    #     template: 'templates/zones.d/endpoint.conf.erb',
+    #     destination_file: file_name,
+    #     environment: {
+    #       host: host
+    #     }
+    #   )
+    #
+    #
+    def write_template(params)
+
+      template         = validate( params, required: true, var: 'template', type: String )
+      destination_file = validate( params, required: true, var: 'destination_file', type: String )
+      environment      = validate( params, required: true, var: 'environment', type: Hash )
+
+      template = format( '%s/%s', @base_directory, template )
+
+      return { status: 500, message: "template '#{template}' not found." } if( ! File.exist?(template) )
+
+      begin
+        template = ERB.new File.new(template).read
+        date     = Time.now
+        template = template.result( binding )
+
+        begin
+          logger.debug( "write to file: #{destination_file}" )
+          file = File.open(destination_file, 'a')
+          file.write(template)
+        rescue => error
+          logger.error(error.to_s)
+          { status: 500, message: error.to_s }
+        ensure
+          file.close unless file.nil?
+        end
+      rescue => error
+        logger.error(error.to_s)
+        logger.debug( error.backtrace.join("\n") )
+
+        { status: 500, message: error.to_s }
+      end
+
+      { status: 200, message: format('file \'%s\' has been created', destination_file) }
+
+    end
+
+  end
+end

data/lib/cert-service/version.rb

@@ -0,0 +1,5 @@
+
+module IcingaCertService
+  # static version string
+  VERSION = '0.18.4'.freeze
+end

data/lib/cert-service/zone_handler.rb

@@ -0,0 +1,71 @@
+
+module IcingaCertService
+  # Client Class to create on-the-fly a certificate to connect automaticly as satellite to an icinga2-master
+  #
+  #
+  module ZoneHandler
+
+    # add a satellite zone to 'zones.conf'
+    #
+    # @param [String] zone
+    #
+    # @example
+    #    add_zone('icinga2-satellite')
+    #
+    # @return [Hash, #read] if config already created:
+    #  * :status [Integer] 200
+    #  * :message [String] Message
+    #
+    # @return nil if successful
+    #
+    def add_zone( zone = nil )
+
+      return { status: 500, message: 'no zone defined' } if zone.nil?
+
+      zone_file =  '/etc/icinga2/zones.conf'
+
+      if(File.exist?(zone_file))
+
+        file     = File.open(zone_file, 'r')
+        contents = file.read
+
+        regexp_long = / # Match she-bang style C-comment
+          \/\*          # Opening delimiter.
+          [^*]*\*+      # {normal*} Zero or more non-*, one or more *
+          (?:           # Begin {(special normal*)*} construct.
+            [^*\/]      # {special} a non-*, non-\/ following star.
+            [^*]*\*+    # More {normal*}
+          )*            # Finish "Unrolling-the-Loop"
+          \/            # Closing delimiter.
+        /x
+        result = contents.gsub(regexp_long, '')
+        scan_zone = result.scan(/object Zone(.*)"(?<zone>.+\S)"/).flatten
+
+        return { status: 200, message: format('the configuration for the zone %s already exists', zone) } if( scan_zone.include?(zone) == true )
+      end
+
+      logger.debug(format('i miss an configuration for zone \'%s\'', zone))
+
+      begin
+        result = write_template(
+          template: 'templates/zones.conf.erb',
+          destination_file: zone_file,
+          environment: {
+            zone: zone,
+            icinga_master: @icinga_master
+          }
+        )
+        # logger.debug(result)
+
+      rescue => error
+        logger.error(error.to_s)
+
+        return { status: 500, message: error.to_s }
+      end
+
+      { status: 200, message: format('configuration for zone %s has been created', zone) }
+
+    end
+
+  end
+end

data/lib/logging.rb

@@ -0,0 +1,61 @@
+
+require 'logger'
+
+# -------------------------------------------------------------------------------------------------
+
+module Logging
+
+  # global function to use the logger instance
+  #
+  def logger
+    @logger ||= Logging.logger_for( self.class.name )
+  end
+
+  # Use a hash class-ivar to cache a unique Logger per class:
+  @loggers = {}
+
+  class << self
+
+    # create an logger instance for classname
+    #
+    def logger_for( classname )
+      @loggers[classname] ||= configure_logger_for( classname )
+    end
+
+    # configure the logger
+    #
+    def configure_logger_for( classname )
+
+      log_level = ENV.fetch('LOG_LEVEL', 'DEBUG' )
+      level = log_level.dup
+
+      # DEBUG < INFO < WARN < ERROR < FATAL < UNKNOWN
+      log_level = case level.upcase
+        when 'DEBUG'
+          Logger::DEBUG   # Low-level information for developers.
+        when 'INFO'
+          Logger::INFO    # Generic (useful) information about system operation.
+        when 'WARN'
+          Logger::WARN    # A warning.
+        when 'ERROR'
+          Logger::ERROR   # A handleable error condition.
+        when 'FATAL'
+          Logger::FATAL   # An unhandleable error that results in a program crash.
+        else
+          Logger::UNKNOWN # An unknown message that should always be logged.
+        end
+
+      $stdout.sync           = true
+      logger                 = Logger.new($stdout)
+      logger.level           = log_level
+      logger.datetime_format = '%Y-%m-%d %H:%M:%S'
+      logger.formatter       = proc do |severity, datetime, progname, msg|
+        "[#{datetime.strftime( logger.datetime_format )}] #{severity.ljust(5)}  #{msg}\n"
+      end
+
+      logger
+    end
+  end
+end
+
+# -------------------------------------------------------------------------------------------------

data/lib/monkey_patches.rb

@@ -0,0 +1,128 @@
+
+# -----------------------------------------------------------------------------
+# Monkey patches
+
+# Modify `Object`
+#
+#  original from (https://gist.github.com/Integralist/9503099)
+#
+# None of the above solutions work with a multi-level hash
+# They only work on the first level: {:foo=>"bar", :level1=>{"level2"=>"baz"}}
+# The following two variations solve the problem in the same way
+# transform hash keys to symbols
+#
+# @example
+#    multi_hash = { 'foo' => 'bar', 'level1' => { 'level2' => 'baz' } }
+#    multi_hash = multi_hash.deep_string_keys
+#
+class Object
+
+  # transform hash keys to symbols
+  #
+  # @example
+  #    multi_hash = { 'foo' => 'bar', 'level1' => { 'level2' => 'baz' } }.deep_string_keys
+  #
+  # @return
+  #    { foo: 'bar', level1: { 'level2' => 'baz' } }
+  #
+  def deep_symbolize_keys
+    if( is_a?( Hash ) )
+      return inject({}) do |memo, (k, v)|
+        memo.tap { |m| m[k.to_sym] = v.deep_string_keys }
+      end
+    elsif( is_a?( Array ) )
+      return map(&:deep_string_keys)
+    end
+
+    self
+  end
+
+  # transform hash keys to strings
+  #
+  #
+  def deep_string_keys
+    if( is_a?( Hash ) )
+      return inject({}) do |memo, (k, v)|
+        memo.tap { |m| m[k.to_s] = v.deep_string_keys }
+      end
+    elsif( is_a?( Array ) )
+      return map(&:deep_string_keys)
+    end
+
+    self
+  end
+
+end
+
+# -----------------------------------------------------------------------------
+
+# check if is a checksum
+#
+class Object
+
+  REGEX = /\A[0-9a-f]{32,128}\z/i
+  CHARS = {
+    md2: 32,
+    md4: 32,
+    md5: 32,
+    sha1: 40,
+    sha224: 56,
+    sha256: 64,
+    sha384: 96,
+    sha512: 128
+  }
+
+  # return if this a checksum
+  #
+  # @example
+  #    checksum.be_a_checksum
+  #
+  def be_a_checksum
+    !!(self =~ REGEX)
+  end
+
+  # return true if the checksum created by spezified type
+  #
+  # @example
+  #    checksum.produced_by(:md5)
+  #
+  #    checksum.produced_by(:sha256)
+  #
+  #
+  def produced_by( name )
+    function = name.to_s.downcase.to_sym
+
+    raise ArgumentError, "unknown algorithm given to be_a_checksum.produced_by: #{function}" unless CHARS.include?(function)
+
+    return true if( size == CHARS[function] )
+    false
+  end
+end
+
+# -----------------------------------------------------------------------------
+
+# Monkey Patch to implement an Boolean Check
+# original from: https://stackoverflow.com/questions/3028243/check-if-ruby-object-is-a-boolean/3028378#3028378
+#
+#
+module Boolean; end
+class TrueClass; include Boolean; end
+class FalseClass; include Boolean; end
+
+true.is_a?(Boolean) #=> true
+false.is_a?(Boolean) #=> true
+
+# -----------------------------------------------------------------------------
+
+# add minutes
+#
+class Time
+
+  # add minutes 'm' to Time Object
+  #
+  def add_minutes(m)
+    self + (60 * m)
+  end
+end
+
+# -----------------------------------------------------------------------------