diff options
Diffstat (limited to 'modules/tick')
-rw-r--r-- | modules/tick/files/plugins/certbot | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot.conf | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot.sudoers | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot_inner | 14 | ||||
-rw-r--r-- | modules/tick/manifests/client/plugin/certbot.pp | 26 |
5 files changed, 49 insertions, 0 deletions
diff --git a/modules/tick/files/plugins/certbot b/modules/tick/files/plugins/certbot new file mode 100644 index 0000000..af3f340 --- /dev/null +++ b/modules/tick/files/plugins/certbot @@ -0,0 +1,3 @@ +#!/bin/sh + +sudo "$(dirname $0)/certbot_inner" diff --git a/modules/tick/files/plugins/certbot.conf b/modules/tick/files/plugins/certbot.conf new file mode 100644 index 0000000..0e4a923 --- /dev/null +++ b/modules/tick/files/plugins/certbot.conf @@ -0,0 +1,3 @@ +[[inputs.exec]] +commands = ["/etc/telegraf/plugins/certbot"] +data_format = "influx" diff --git a/modules/tick/files/plugins/certbot.sudoers b/modules/tick/files/plugins/certbot.sudoers new file mode 100644 index 0000000..bab97c7 --- /dev/null +++ b/modules/tick/files/plugins/certbot.sudoers @@ -0,0 +1,3 @@ +Cmnd_Alias CERTBOTINNER = /etc/telegraf/plugins/certbot_inner +telegraf ALL=(ALL) NOPASSWD: CERTBOTINNER +Defaults!CERTBOTINNER !logfile, !syslog, !pam_session diff --git a/modules/tick/files/plugins/certbot_inner b/modules/tick/files/plugins/certbot_inner new file mode 100644 index 0000000..5d31c35 --- /dev/null +++ b/modules/tick/files/plugins/certbot_inner @@ -0,0 +1,14 @@ +#!/usr/bin/env ruby + +require 'openssl' + +config_dir = "/media/persistent/certbot" + +(Dir.entries("#{config_dir}/live/") - [".", ".."]).each do |site| + next unless File.directory?("#{config_dir}/live/#{site}") + cert = File.read("#{config_dir}/live/#{site}/cert.pem") + x509 = OpenSSL::X509::Certificate.new(cert) + days = (x509.not_after - Time.now) / 60 / 60 / 24 + sanitized_site = site.gsub(/[^a-zA-Z0-9]/, '_') + puts "certbot,site=#{sanitized_site} days_remaining=#{days}" +end diff --git a/modules/tick/manifests/client/plugin/certbot.pp b/modules/tick/manifests/client/plugin/certbot.pp new file mode 100644 index 0000000..17d99ab --- /dev/null +++ b/modules/tick/manifests/client/plugin/certbot.pp @@ -0,0 +1,26 @@ +class tick::client::plugin::certbot { + file { + "/etc/telegraf/telegraf.d/certbot.conf": + source => 'puppet:///modules/tick/plugins/certbot.conf', + require => [ + File["/etc/telegraf/telegraf.d"], + File["/etc/telegraf/plugins/certbot"], + ], + notify => Service["telegraf"]; + "/etc/telegraf/plugins/certbot": + source => 'puppet:///modules/tick/plugins/certbot', + mode => '0755', + require => [ + File['/etc/telegraf/plugins'], + File['/etc/telegraf/plugins/certbot_inner'], + File['/etc/sudoers.d/telegraf-certbot'], + ]; + "/etc/telegraf/plugins/certbot_inner": + source => 'puppet:///modules/tick/plugins/certbot_inner', + mode => '0755', + require => File['/etc/telegraf/plugins']; + "/etc/sudoers.d/telegraf-certbot": + source => 'puppet:///modules/tick/plugins/certbot.sudoers', + require => Package['sudo']; + } +} |