File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/states/__pycache__/icinga2.cpython-310.pyc
o
�����N�g�#�����������������������@���s`���d�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�m�Z���d�d���Z�d�d�d���Z d d
��Z
d�d���Z�d�d�d���Z�d�d���Z
d�S�)�a����
Icinga2 state
=============
.. versionadded:: 2017.7.0
:depends: - Icinga2 Python module
:configuration: See :py:mod:`salt.modules.icinga2` for setup instructions.
The icinga2 module is used to execute commands.
Its output may be stored in a file or in a grain.
.. code-block:: yaml
command_id:
icinga2.generate_ticket:
- name: domain.tld
- output: "/tmp/query_id.txt"
�����N)���get_certs_pathc��������������������C���s����d�t�v�r�d�S�d�S�)�zB
Only load if the icinga2 module is available in __salt__
��icinga2.generate_ticketT)�Fz"icinga2 module could not be loaded)���__salt__��r����r�����G/opt/saltstack/salt/lib/python3.10/site-packages/salt/states/icinga2.py��__virtual__����s����������r����Tc������������
�������C���sn���|�i�d�d�d���}�|�d�k�rr|�r3|�s3|�s!|�t�d�����v�r!d���|���|�d�<�|�S�t�d���r2d |�d
<�d���|���|�d�<�|�S�ns|�rh|�t�d�����v�rCt�d���|���}�n�i�}�|�sU|�|�v�rUd
��|�|���|�d�<�|�S�t�d���rgd |�d
<�d���|�|���|�d�<�|�S�n>d�|�d
<�d�|�d�<�|�S�|�r�|�s�t�j���|���r�d�|���d���|�d�<�|�S�t�d���r�d |�d
<�d���|���|�d�<�|�S�n�t�d���r�d |�d
<�d�|�d�<�|�S�t�d���|���}�|�d���}�|�d���s�t�|���|�d�<�|�d�k�r�|�r�|�s�t�d���|�|�����d�|�����|�d���d�<�|�S�|�r�|�t�d�����v�r�t�d���|���}�n�i�}�|�|�|�<�t�d���|�|�����d���|�|���|�d���d�<�|�S�|���r/d�|�����|�d���d�<�t�j�j �
|�d�����} | ��t�j�j��
|�������W�d ��������|�S�1���s(w�������Y���|�S�d�|�d���d�<�|�S�) a8���
Generate an icinga2 ticket on the master.
name
The domain name for which this ticket will be generated
output
grain: output in a grain
other: the file to store results
None: output to the result comment (default)
grain:
grain to store the output (need output=grain)
key:
the specified grain will be treated as a dictionary, the result
of this state will be stored under the specified key.
overwrite:
The file or grain will be overwritten if it already exists (default)
T������name��changes��result��comment��grainz grains.lsz)No execution needed. Grain {} already setr
�����testNr����z@Ticket generation would be executed, storing result in grain: {}z
grains.getz,No execution needed. Grain {}:{} already setzCTicket generation would be executed, storing result in grain: {}:{}Fz5Error: output type 'grain' needs the grain parameter
z�No execution needed. File z� already setz?Ticket generation would be executed, storing result in file: {}z7Ticket generation would be executed, not storing resultr������stdout��retcodez
grains.setvalz�Executed. Output into grain: r������ticketz"Executed. Output into grain: {}:{}z�Executed. Output into ��wZ�Executed)�r������format��__opts__��os��path��isfile��str��salt��utils��filesZ�fopen��writeZ�stringutilsZ�to_str)
r
�����outputr������keyZ overwrite��retZ�grain_valueZ
ticket_resr����Z�output_filer����r����r������generate_ticket%���s�����������������������������������������������������������������������������������������������������������������������������������������������
��������
�����������r!���c��������������������C���s����|�i�d�d�d���}�t�����|���d���}�t�����|���d���}�t�j���|���r-t�j���|���r-d���|�|���|�d�<�|�S�t�d���r;d |�d
<�d�|�d�<�|�S�t�d���|���}�|�d
��s[d�|�d�<�d�|�����|�d���d�<�d�|�����|�d���d�<�|�S�)�z�
Generate an icinga2 certificate and key on the client.
name
The domain name for which this certificate and key will be generated
Tr����r ���z�.crtz�.keyz<No execution needed. Cert: {} and key: {} already generated.r
���r����Nr����z0Certificate and key generation would be executedz�icinga2.generate_certr����z�Certificate and key generated��Executed. Certificate saved: r������certz�Executed. Key saved: r����)�r����r����r����r����r����r����r����)�r
���r ���r#���r����� cert_saver����r����r�����
generate_cert����s&�����������������������������������������r%���c��������������������C���s����|�i�d�d�d���}�t�����d���}�t�j���|���r�d�|���d���|�d�<�|�S�t�d���r+d |�d
<�d�|�d�<�|�S�t�d���|�|���}�|�d
��sCd�|�d�<�d�|�����|�d���d�<�|�S�)�z�
Save the certificate on master icinga2 node.
name
The domain name for which this certificate will be saved
master
Icinga2 master node for which this certificate will be saved
Tr����r ���z�trusted-master.crt��No execution needed. Cert: z� already saved.r
���r����Nr����z5Certificate save for icinga2 master would be executedz�icinga2.save_certr����z$Certificate for icinga2 master savedr"���r����r#���)�r����r����r����r����r����r����)�r
�����masterr ���r#���r$���r����r����r����� save_cert����s�����
��������������������������r(�����5665c��������������������C���s����|�i�d�d�d���}�t�����d���}�t�j���|���r�d�|���d���|�d�<�|�S�t�d���r+d |�d
<�d�|�d�<�|�S�t�d���|�|�|�|���}�|�d
��sGd�|�d�<�d�|�����|�d���d�<�|�S�d���|�d�����|�d�<�d�|�d
<�|�S�)�aM���
Request CA certificate from master icinga2 node.
name
The domain name for which this certificate will be saved
master
Icinga2 master node for which this certificate will be saved
ticket
Authentication ticket generated on icinga2 master
port
Icinga2 port, defaults to 5665
Tr����r ���z�ca.crtr&���z� already exists.r
���r����Nr����z9Certificate request from icinga2 master would be executedz�icinga2.request_certr����z0Certificate request from icinga2 master executedz!Executed. Certificate requested: r����r#���z4FAILED. Certificate requested failed with output: {}r����F��r����r����r����r����r����r����r����)�r
���r'���r������portr ���r#���Z�cert_requestr����r����r������request_cert����s&�����������������������������������������r,���c��������������������C���s����|�i�d�d�d���}�t�����|���d���}�t�����|���d���}�t�j���|���r)t�j���|���r)d�|�d�<�|�S�t�d���r7d |�d
<�d�|�d�<�|�S�t�d���|�|�|���}�|�d
��sOd�|�d�<�d�|�d���d�<�|�S�d���|�d�����|�d�<�d�|�d
<�|�S�)�a����
Setup the icinga2 node.
name
The domain name for which this certificate will be saved
master
Icinga2 master node for which this certificate will be saved
ticket
Authentication ticket generated on icinga2 master
Tr����r ���z .crt.origz .key.origz-No execution needed. Node already configured.r
���r����Nr����z�Node setup will be executed.z�icinga2.node_setupr����z�Node setup executed.z!Node setup finished successfully.r����r#���z(FAILED. Node setup failed with outpu: {}r����Fr*���)�r
���r'���r����r ���r#���r�����
node_setupr����r����r����r-�������s(����
��������������������������������������r-���)�NNNT)�r)���)���__doc__Z�os.pathr����Z�salt.utils.filesr����Z�salt.utils.stringutilsZ�salt.utils.icinga2r����r����r!���r%���r(���r,���r-���r����r����r����r������<module>����s����������������
�l�!
��*