diff options
| -rw-r--r-- | platform.rb | 6 | ||||
| -rw-r--r-- | provider_base/services/monitor.json | 7 |
2 files changed, 13 insertions, 0 deletions
diff --git a/platform.rb b/platform.rb index 7d84c3fb..95705c76 100644 --- a/platform.rb +++ b/platform.rb @@ -43,6 +43,8 @@ Leap::Platform.define do :user_pgp => 'users/#{arg}/#{arg}_pgp.pub', :known_hosts => 'files/ssh/known_hosts', :authorized_keys => 'files/ssh/authorized_keys', + :monitor_pub_key => 'files/ssh/monitor_ssh.pub', + :monitor_priv_key => 'files/ssh/monitor_ssh', :ca_key => 'files/ca/ca.key', :ca_cert => 'files/ca/ca.crt', :client_ca_key => 'files/ca/client_ca.key', @@ -73,5 +75,9 @@ Leap::Platform.define do self.node_files = [ :node_config, :hiera, :node_x509_cert, :node_x509_key, :node_ssh_pub_key ] + + self.monitor_username = 'monitor' + + self.reserved_usernames = ['monitor'] end diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json index 142a4b5e..9140901b 100644 --- a/provider_base/services/monitor.json +++ b/provider_base/services/monitor.json @@ -3,6 +3,13 @@ "nagiosadmin_pw": "= secret :nagios_admin_password", "hosts": "= nodes_like_me.pick_fields('domain.internal', 'ip_address', 'services', 'openvpn.gateway_address')" }, + "hosts": "= hosts_file(nodes_like_me[:services => '!monitor'])", + "ssh": { + "monitor": { + "username": "= Leap::Platform.monitor_username", + "private_key": "= file(:monitor_priv_key)" + } + }, "x509": { "use": true, "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'", |