opn_api 0.1.0

data/lib/opn_api/resource_registry.rb

@@ -0,0 +1,377 @@
+# frozen_string_literal: true
+
+module OpnApi
+  # Registry of known OPNsense resource types with their exact API endpoints.
+  #
+  # OPNsense has no consistent endpoint naming convention — some use snake_case
+  # with plural search (search_servers/add_server), others use camelCase
+  # (searchConnection/addConnection), and some use bare names (search/add).
+  # This registry maps user-friendly resource names to the correct API paths.
+  #
+  # Resource names follow the puppet-opn naming convention (opn_ prefix stripped).
+  #
+  # Each entry defines:
+  # - base_path: module/controller prefix (e.g. 'haproxy/settings')
+  # - search_action: full action name for search (e.g. 'search_servers')
+  # - crud_action: template for get/add/set/del — `%{action}` is replaced
+  #   (e.g. '%{action}_server' → 'get_server', 'add_server')
+  # - wrapper: POST body wrapper key (e.g. 'server')
+  # - singleton: true for settings resources (GET get / POST set, no UUID)
+  # - search_method: :get for resources using GET instead of POST for search
+  # - response_dig: keys to extract from GET response after unwrapping.
+  #   Single-element array → dig into that sub-key (e.g. ['settings']).
+  #   Multi-element array → slice those keys (e.g. ['general', 'maintenance']).
+  # - response_reject: keys to exclude from GET response (e.g. sub-resource data).
+  #
+  # @example
+  #   entry = OpnApi::ResourceRegistry.lookup('haproxy_server')
+  #   entry[:base_path]     # => 'haproxy/settings'
+  #   entry[:search_action] # => 'search_servers'
+  module ResourceRegistry
+    # Resource definitions keyed by puppet-opn name (without opn_ prefix).
+    RESOURCES = {
+      # --- ACME Client ---
+      'acmeclient_account' => {
+        base_path: 'acmeclient/accounts', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'account'
+      },
+      'acmeclient_action' => {
+        base_path: 'acmeclient/actions', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'action'
+      },
+      'acmeclient_certificate' => {
+        base_path: 'acmeclient/certificates', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'certificate'
+      },
+      'acmeclient_settings' => {
+        base_path: 'acmeclient/settings', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'acmeclient',
+        singleton: true, search_method: :get,
+        response_dig: ['settings']
+      },
+      'acmeclient_validation' => {
+        base_path: 'acmeclient/validations', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'validation'
+      },
+      # --- Cron ---
+      'cron' => {
+        base_path: 'cron/settings', search_action: 'search_jobs',
+        crud_action: '%{action}_job', wrapper: 'job'
+      },
+      # --- DHC Relay ---
+      'dhcrelay' => {
+        base_path: 'dhcrelay/settings', search_action: 'search_relay',
+        crud_action: '%{action}_relay', wrapper: 'relay'
+      },
+      'dhcrelay_destination' => {
+        base_path: 'dhcrelay/settings', search_action: 'search_dest',
+        crud_action: '%{action}_dest', wrapper: 'destination'
+      },
+      # --- Firewall ---
+      'firewall_alias' => {
+        base_path: 'firewall/alias', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'alias'
+      },
+      'firewall_category' => {
+        base_path: 'firewall/category', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'category'
+      },
+      'firewall_group' => {
+        base_path: 'firewall/group', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'group'
+      },
+      'firewall_rule' => {
+        base_path: 'firewall/filter', search_action: 'search_rule',
+        crud_action: '%{action}_rule', wrapper: 'rule'
+      },
+      # --- Gateway ---
+      'gateway' => {
+        base_path: 'routing/settings', search_action: 'searchGateway',
+        crud_action: '%{action}Gateway', wrapper: 'gateway_item'
+      },
+      # --- Group (auth) ---
+      'group' => {
+        base_path: 'auth/group', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'group'
+      },
+      # --- HAProxy ---
+      'haproxy_acl' => {
+        base_path: 'haproxy/settings', search_action: 'search_acls',
+        crud_action: '%{action}_acl', wrapper: 'acl'
+      },
+      'haproxy_action' => {
+        base_path: 'haproxy/settings', search_action: 'search_actions',
+        crud_action: '%{action}_action', wrapper: 'action'
+      },
+      'haproxy_backend' => {
+        base_path: 'haproxy/settings', search_action: 'search_backends',
+        crud_action: '%{action}_backend', wrapper: 'backend'
+      },
+      'haproxy_cpu' => {
+        base_path: 'haproxy/settings', search_action: 'search_cpus',
+        crud_action: '%{action}_cpu', wrapper: 'cpu'
+      },
+      'haproxy_errorfile' => {
+        base_path: 'haproxy/settings', search_action: 'search_errorfiles',
+        crud_action: '%{action}_errorfile', wrapper: 'errorfile'
+      },
+      'haproxy_fcgi' => {
+        base_path: 'haproxy/settings', search_action: 'search_fcgis',
+        crud_action: '%{action}_fcgi', wrapper: 'fcgi'
+      },
+      'haproxy_frontend' => {
+        base_path: 'haproxy/settings', search_action: 'search_frontends',
+        crud_action: '%{action}_frontend', wrapper: 'frontend'
+      },
+      'haproxy_group' => {
+        base_path: 'haproxy/settings', search_action: 'search_groups',
+        crud_action: '%{action}_group', wrapper: 'group'
+      },
+      'haproxy_healthcheck' => {
+        base_path: 'haproxy/settings', search_action: 'search_healthchecks',
+        crud_action: '%{action}_healthcheck', wrapper: 'healthcheck'
+      },
+      'haproxy_lua' => {
+        base_path: 'haproxy/settings', search_action: 'search_luas',
+        crud_action: '%{action}_lua', wrapper: 'lua'
+      },
+      'haproxy_mailer' => {
+        base_path: 'haproxy/settings', search_action: 'searchmailers',
+        crud_action: '%{action}mailer', wrapper: 'mailer'
+      },
+      'haproxy_mapfile' => {
+        base_path: 'haproxy/settings', search_action: 'search_mapfiles',
+        crud_action: '%{action}_mapfile', wrapper: 'mapfile'
+      },
+      'haproxy_resolver' => {
+        base_path: 'haproxy/settings', search_action: 'searchresolvers',
+        crud_action: '%{action}resolver', wrapper: 'resolver'
+      },
+      'haproxy_server' => {
+        base_path: 'haproxy/settings', search_action: 'search_servers',
+        crud_action: '%{action}_server', wrapper: 'server'
+      },
+      'haproxy_settings' => {
+        base_path: 'haproxy/settings', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'haproxy',
+        singleton: true, search_method: :get,
+        response_dig: %w[general maintenance]
+      },
+      'haproxy_user' => {
+        base_path: 'haproxy/settings', search_action: 'search_users',
+        crud_action: '%{action}_user', wrapper: 'user'
+      },
+      # --- HA Sync ---
+      'hasync' => {
+        base_path: 'core/hasync', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'hasync',
+        singleton: true, search_method: :get
+      },
+      # --- IPsec ---
+      'ipsec_child' => {
+        base_path: 'ipsec/connections', search_action: 'searchChild',
+        crud_action: '%{action}Child', wrapper: 'child'
+      },
+      'ipsec_connection' => {
+        base_path: 'ipsec/connections', search_action: 'searchConnection',
+        crud_action: '%{action}Connection', wrapper: 'connection'
+      },
+      'ipsec_keypair' => {
+        base_path: 'ipsec/key_pairs', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'keyPair'
+      },
+      'ipsec_local' => {
+        base_path: 'ipsec/connections', search_action: 'searchLocal',
+        crud_action: '%{action}Local', wrapper: 'local'
+      },
+      'ipsec_pool' => {
+        base_path: 'ipsec/pools', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'pool'
+      },
+      'ipsec_presharedkey' => {
+        base_path: 'ipsec/pre_shared_keys', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'preSharedKey'
+      },
+      'ipsec_remote' => {
+        base_path: 'ipsec/connections', search_action: 'searchRemote',
+        crud_action: '%{action}Remote', wrapper: 'remote'
+      },
+      'ipsec_settings' => {
+        base_path: 'ipsec/settings', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'ipsec',
+        singleton: true, search_method: :get,
+        response_dig: %w[general charon]
+      },
+      'ipsec_vti' => {
+        base_path: 'ipsec/vti', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'vti'
+      },
+      # --- Kea DHCP ---
+      'kea_ctrl_agent' => {
+        base_path: 'kea/ctrl_agent', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'ctrlagent',
+        singleton: true, search_method: :get,
+        response_dig: ['general']
+      },
+      'kea_dhcpv4' => {
+        base_path: 'kea/dhcpv4', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'dhcpv4',
+        singleton: true, search_method: :get,
+        response_dig: %w[general lexpire ha]
+      },
+      'kea_dhcpv4_peer' => {
+        base_path: 'kea/dhcpv4', search_action: 'searchPeer',
+        crud_action: '%{action}Peer', wrapper: 'peer'
+      },
+      'kea_dhcpv4_reservation' => {
+        base_path: 'kea/dhcpv4', search_action: 'searchReservation',
+        crud_action: '%{action}Reservation', wrapper: 'reservation'
+      },
+      'kea_dhcpv4_subnet' => {
+        base_path: 'kea/dhcpv4', search_action: 'searchSubnet',
+        crud_action: '%{action}Subnet', wrapper: 'subnet4'
+      },
+      'kea_dhcpv6' => {
+        base_path: 'kea/dhcpv6', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'dhcpv6',
+        singleton: true, search_method: :get,
+        response_dig: %w[general lexpire ha]
+      },
+      'kea_dhcpv6_pd_pool' => {
+        base_path: 'kea/dhcpv6', search_action: 'searchPdPool',
+        crud_action: '%{action}PdPool', wrapper: 'pd_pool'
+      },
+      'kea_dhcpv6_peer' => {
+        base_path: 'kea/dhcpv6', search_action: 'searchPeer',
+        crud_action: '%{action}Peer', wrapper: 'peer'
+      },
+      'kea_dhcpv6_reservation' => {
+        base_path: 'kea/dhcpv6', search_action: 'searchReservation',
+        crud_action: '%{action}Reservation', wrapper: 'reservation'
+      },
+      'kea_dhcpv6_subnet' => {
+        base_path: 'kea/dhcpv6', search_action: 'searchSubnet',
+        crud_action: '%{action}Subnet', wrapper: 'subnet6'
+      },
+      # --- Node Exporter ---
+      'node_exporter' => {
+        base_path: 'nodeexporter/general', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'general',
+        singleton: true, search_method: :get
+      },
+      # --- OpenVPN ---
+      'openvpn_cso' => {
+        base_path: 'openvpn/client_overwrites', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'cso'
+      },
+      'openvpn_instance' => {
+        base_path: 'openvpn/instances', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'instance'
+      },
+      'openvpn_statickey' => {
+        base_path: 'openvpn/instances', search_action: 'search_static_key',
+        crud_action: '%{action}_static_key', wrapper: 'statickey'
+      },
+      # --- Route ---
+      'route' => {
+        base_path: 'routes/routes', search_action: 'searchroute',
+        crud_action: '%{action}route', wrapper: 'route'
+      },
+      # --- Snapshot ---
+      'snapshot' => {
+        base_path: 'core/snapshots', search_action: 'search',
+        crud_action: '%{action}', wrapper: nil,
+        search_method: :get
+      },
+      # --- Syslog ---
+      'syslog' => {
+        base_path: 'syslog/settings', search_action: 'search_destinations',
+        crud_action: '%{action}_destination', wrapper: 'destination'
+      },
+      # --- Trust ---
+      'trust_ca' => {
+        base_path: 'trust/ca', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'ca'
+      },
+      'trust_cert' => {
+        base_path: 'trust/cert', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'cert'
+      },
+      'trust_crl' => {
+        base_path: 'trust/crl', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'crl',
+        search_method: :get
+      },
+      # --- Tunable ---
+      'tunable' => {
+        base_path: 'core/tunables', search_action: 'search_item',
+        crud_action: '%{action}_item', wrapper: 'sysctl'
+      },
+      # --- User ---
+      'user' => {
+        base_path: 'auth/user', search_action: 'search',
+        crud_action: '%{action}', wrapper: 'user'
+      },
+      # --- Zabbix Agent ---
+      'zabbix_agent' => {
+        base_path: 'zabbixagent/settings', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'zabbixagent',
+        singleton: true, search_method: :get,
+        response_reject: %w[userparameters aliases]
+      },
+      'zabbix_agent_alias' => {
+        base_path: 'zabbixagent/settings', search_action: 'get',
+        crud_action: '%{action}Alias', wrapper: 'alias',
+        search_method: :get
+      },
+      'zabbix_agent_userparameter' => {
+        base_path: 'zabbixagent/settings', search_action: 'get',
+        crud_action: '%{action}Userparameter', wrapper: 'userparameter',
+        search_method: :get
+      },
+      # --- Zabbix Proxy ---
+      'zabbix_proxy' => {
+        base_path: 'zabbixproxy/general', search_action: 'get',
+        crud_action: '%{action}', wrapper: 'general',
+        singleton: true, search_method: :get
+      },
+    }.freeze
+
+    class << self
+      # Looks up a resource by name.
+      #
+      # @param name [String] Resource name (e.g. 'haproxy_server')
+      # @return [Hash, nil] Resource definition or nil if not found
+      def lookup(name)
+        RESOURCES[name.to_s]
+      end
+
+      # Returns all registered resource names (sorted).
+      #
+      # @return [Array<String>]
+      def names
+        RESOURCES.keys.sort
+      end
+
+      # Builds a Resource instance from a registry entry.
+      #
+      # @param client [OpnApi::Client] API client
+      # @param name [String] Resource name from registry
+      # @return [OpnApi::Resource]
+      # @raise [OpnApi::Error] if resource name not found
+      def build(client, name)
+        entry = lookup(name)
+        raise OpnApi::Error, "Unknown resource type: '#{name}'. Run 'opn-api resources' for a list." unless entry
+
+        OpnApi::Resource.new(
+          client: client,
+          base_path: entry[:base_path],
+          search_action: entry[:search_action],
+          crud_action: entry[:crud_action],
+          singleton: entry[:singleton] || false,
+          search_method: entry[:search_method] || :post,
+        )
+      end
+    end
+  end
+end

data/lib/opn_api/service_reconfigure.rb

@@ -0,0 +1,293 @@
+# frozen_string_literal: true
+
+module OpnApi
+  # Unified reconfigure handler with registry pattern.
+  #
+  # Each reconfigure group is registered as a named instance. Callers
+  # call mark() to track devices with pending changes, then run() to
+  # perform the actual reconfigure. The first run() call performs the
+  # work; subsequent calls are no-ops because tracking state is cleared.
+  #
+  # Error tracking: if any caller marks a device as errored (via mark_error),
+  # reconfigure is skipped for that device.
+  #
+  # @example Register and use a reconfigure group
+  #   OpnApi::ServiceReconfigure.register(:ipsec,
+  #     endpoint: 'ipsec/service/reconfigure',
+  #     log_prefix: 'opn_ipsec')
+  #
+  #   OpnApi::ServiceReconfigure[:ipsec].mark('myfw', client)
+  #   results = OpnApi::ServiceReconfigure[:ipsec].run
+  #   # => { 'myfw' => :ok }
+  class ServiceReconfigure
+    # Global registry of named instances.
+    @registry = {}
+    @defaults_loaded = false
+
+    # Registers a new reconfigure group. Idempotent — returns the existing
+    # instance if the name is already registered.
+    #
+    # @param name [Symbol] Unique group identifier (e.g. :haproxy, :ipsec)
+    # @param endpoint [String] API endpoint for POST reconfigure call
+    # @param log_prefix [String] Prefix for log messages
+    # @param configtest_endpoint [String, nil] Optional GET endpoint for configtest.
+    #   When set, configtest is run before reconfigure; ALERT results skip reconfigure.
+    # @return [ServiceReconfigure] The registered instance
+    def self.register(name, endpoint:, log_prefix:, configtest_endpoint: nil)
+      @registry[name] ||= new(
+        name: name,
+        endpoint: endpoint,
+        log_prefix: log_prefix,
+        configtest_endpoint: configtest_endpoint,
+      )
+    end
+
+    # Retrieves a registered instance by name. Loads defaults on first access
+    # if not already loaded.
+    #
+    # @param name [Symbol]
+    # @return [ServiceReconfigure]
+    # @raise [OpnApi::Error] if the name is not registered
+    def self.[](name)
+      load_defaults! unless @defaults_loaded
+      instance = @registry[name]
+      raise OpnApi::Error, "ServiceReconfigure: unknown group '#{name}'" unless instance
+
+      instance
+    end
+
+    # Returns all registered group names.
+    #
+    # @return [Array<Symbol>]
+    def self.registered_names
+      load_defaults! unless @defaults_loaded
+      @registry.keys
+    end
+
+    # Clears all registrations and instance state.
+    def self.reset!
+      @registry.each_value(&:clear_state)
+      @registry.clear
+      @defaults_loaded = false
+    end
+
+    # Registers all default OPNsense reconfigure groups.
+    # Called automatically on first access via [], but can be called
+    # explicitly for eager loading.
+    def self.load_defaults!
+      return if @defaults_loaded
+
+      @defaults_loaded = true
+      register_defaults
+    end
+
+    # @return [Symbol] The group name
+    attr_reader :name
+
+    # Registers a device as having pending changes. Subsequent calls for
+    # the same device are ignored (first client wins).
+    #
+    # @param device_name [String]
+    # @param client [OpnApi::Client]
+    def mark(device_name, client)
+      @devices_to_reconfigure[device_name] ||= client
+    end
+
+    # Registers a device as having a resource evaluation error. Used to
+    # suppress reconfigure when the service config may be inconsistent.
+    #
+    # @param device_name [String]
+    def mark_error(device_name)
+      @devices_with_errors[device_name] = true
+    end
+
+    # Performs reconfigure for all marked devices, then clears state.
+    # Returns a result hash per device.
+    #
+    # @return [Hash{String => Symbol}] Results per device:
+    #   :ok — reconfigure succeeded
+    #   :skipped — skipped due to error or configtest ALERT
+    #   :error — reconfigure call failed
+    #   :warning — reconfigure returned unexpected status
+    def run
+      results = {}
+      @devices_to_reconfigure.each do |device_name, client|
+        results[device_name] = reconfigure_device(device_name, client)
+      end
+      clear_state
+      results
+    end
+
+    # Clears all tracking state (devices + errors).
+    def clear_state
+      @devices_to_reconfigure.clear
+      @devices_with_errors.clear
+    end
+
+    private
+
+    def initialize(name:, endpoint:, log_prefix:, configtest_endpoint:)
+      @name = name
+      @endpoint = endpoint
+      @log_prefix = log_prefix
+      @configtest_endpoint = configtest_endpoint
+      @devices_to_reconfigure = {}
+      @devices_with_errors = {}
+    end
+
+    # Reconfigures a single device. Returns a status symbol.
+    def reconfigure_device(device_name, client)
+      # Skip devices with resource evaluation errors
+      if @devices_with_errors[device_name]
+        OpnApi.logger.error(
+          "#{@log_prefix}: skipping reconfigure for '#{device_name}' " \
+          'because one or more resources failed to evaluate',
+        )
+        return :skipped
+      end
+
+      # Run configtest if configured (e.g. HAProxy)
+      return :skipped if @configtest_endpoint && !run_configtest(device_name, client)
+
+      execute_reconfigure(device_name, client)
+    rescue OpnApi::Error => e
+      OpnApi.logger.error("#{@log_prefix}: reconfigure of '#{device_name}' failed: #{e.message}")
+      :error
+    end
+
+    # Runs configtest for a device. Returns true if reconfigure should proceed.
+    def run_configtest(device_name, client)
+      result      = client.get(@configtest_endpoint)
+      test_output = result.is_a?(Hash) ? result['result'].to_s : ''
+
+      if test_output.include?('ALERT')
+        OpnApi.logger.error(
+          "#{@log_prefix}: configtest for '#{device_name}' reported ALERT, " \
+          "skipping reconfigure: #{test_output.strip}",
+        )
+        return false
+      elsif test_output.include?('WARNING')
+        OpnApi.logger.warning(
+          "#{@log_prefix}: configtest for '#{device_name}' reported WARNING: " \
+          "#{test_output.strip}",
+        )
+      else
+        OpnApi.logger.notice("#{@log_prefix}: configtest for '#{device_name}' passed")
+      end
+
+      true
+    end
+
+    # Executes the reconfigure POST and returns a status symbol.
+    def execute_reconfigure(device_name, client)
+      reconf = client.post(@endpoint, {})
+      status = reconf.is_a?(Hash) ? reconf['status'].to_s.strip.downcase : nil
+      if status == 'ok'
+        OpnApi.logger.notice("#{@log_prefix}: reconfigure of '#{device_name}' completed")
+        :ok
+      else
+        OpnApi.logger.warning(
+          "#{@log_prefix}: reconfigure of '#{device_name}' returned unexpected " \
+          "status: #{reconf.inspect}",
+        )
+        :warning
+      end
+    end
+
+    # Registers all default OPNsense reconfigure groups (ported from
+    # puppet-opn's service_reconfigure_registry.rb).
+    def self.register_defaults
+      # ACME Client
+      register(:acmeclient,
+               endpoint: 'acmeclient/service/reconfigure',
+               log_prefix: 'opn_acmeclient')
+
+      # Cron jobs
+      register(:cron,
+               endpoint: 'cron/service/reconfigure',
+               log_prefix: 'opn_cron')
+
+      # DHCP Relay
+      register(:dhcrelay,
+               endpoint: 'dhcrelay/service/reconfigure',
+               log_prefix: 'opn_dhcrelay')
+
+      # Firewall aliases
+      register(:firewall_alias,
+               endpoint: 'firewall/alias/reconfigure',
+               log_prefix: 'opn_firewall_alias')
+
+      # Firewall interface groups
+      register(:firewall_group,
+               endpoint: 'firewall/group/reconfigure',
+               log_prefix: 'opn_firewall_group')
+
+      # Firewall rules (uses 'apply' instead of 'reconfigure')
+      register(:firewall_rule,
+               endpoint: 'firewall/filter/apply',
+               log_prefix: 'opn_firewall_rule')
+
+      # Routing gateways
+      register(:gateway,
+               endpoint: 'routing/settings/reconfigure',
+               log_prefix: 'opn_gateway')
+
+      # HAProxy (with configtest before reconfigure)
+      register(:haproxy,
+               endpoint: 'haproxy/service/reconfigure',
+               log_prefix: 'opn_haproxy',
+               configtest_endpoint: 'haproxy/service/configtest')
+
+      # HA sync / CARP
+      register(:hasync,
+               endpoint: 'core/hasync/reconfigure',
+               log_prefix: 'opn_hasync')
+
+      # IPsec
+      register(:ipsec,
+               endpoint: 'ipsec/service/reconfigure',
+               log_prefix: 'opn_ipsec')
+
+      # KEA DHCP
+      register(:kea,
+               endpoint: 'kea/service/reconfigure',
+               log_prefix: 'opn_kea')
+
+      # Node Exporter
+      register(:node_exporter,
+               endpoint: 'nodeexporter/service/reconfigure',
+               log_prefix: 'opn_node_exporter')
+
+      # OpenVPN
+      register(:openvpn,
+               endpoint: 'openvpn/service/reconfigure',
+               log_prefix: 'opn_openvpn')
+
+      # Static routes
+      register(:route,
+               endpoint: 'routes/routes/reconfigure',
+               log_prefix: 'opn_route')
+
+      # Syslog
+      register(:syslog,
+               endpoint: 'syslog/service/reconfigure',
+               log_prefix: 'opn_syslog')
+
+      # System tunables (sysctl)
+      register(:tunable,
+               endpoint: 'core/tunables/reconfigure',
+               log_prefix: 'opn_tunable')
+
+      # Zabbix Agent
+      register(:zabbix_agent,
+               endpoint: 'zabbixagent/service/reconfigure',
+               log_prefix: 'opn_zabbix_agent')
+
+      # Zabbix Proxy
+      register(:zabbix_proxy,
+               endpoint: 'zabbixproxy/service/reconfigure',
+               log_prefix: 'opn_zabbix_proxy')
+    end
+    private_class_method :register_defaults
+  end
+end

data/lib/opn_api/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module OpnApi
+  VERSION = '0.1.0'
+end