package cfgresources
import (
"encoding/json"
"os/exec"
"time"
)
// SetupChassis struct holds attributes for one time chassis setup.
// Every field is a pointer or a slice, so its zero value is nil; code that
// consumes this struct has to nil-check a section before dereferencing it.
type SetupChassis struct {
FlexAddress *flexAddress `yaml:"flexAddress"`
IpmiOverLan *ipmiOverLan `yaml:"ipmiOverLan"`
DynamicPower *dynamicPower `yaml:"dynamicPower"`
BladesPower *bladesPower `yaml:"bladesPower"`
// Both account lists are made of BladeBmcAccount entries, which carry a
// Password string; keep this struct out of logs and debug dumps.
AddBladeBmcAdmins []*BladeBmcAccount `yaml:"addBladeBmcAdmins"`
RemoveBladeBmcUsers []*BladeBmcAccount `yaml:"removeBladeBmcUsers"`
}
// ResourcesConfig struct holds all the configuration to be applied.
// It is the aggregate of every per-resource section in this file. Each section
// is a pointer (User is a slice of pointers), so the zero value of every field
// is nil and consumers must nil-check before use.
// Several sections hold credentials or secrets as plain strings (User.Password,
// License.Key, and the BMC accounts under SetupChassis), so a value of this
// type should not be printed or logged wholesale.
type ResourcesConfig struct {
Ldap *Ldap `yaml:"ldap"`
LdapGroups *LdapGroups `yaml:"ldapGroups"`
License *License `yaml:"license"`
Network *Network `yaml:"network"`
Syslog *Syslog `yaml:"syslog"`
User []*User `yaml:"user"`
HTTPSCert *HTTPSCert `yaml:"httpsCert"`
Ntp *Ntp `yaml:"ntp"`
Bios *Bios `yaml:"bios"`
Power *Power `yaml:"power"`
// The Supermicro type is not declared in this file.
Supermicro *Supermicro `yaml:"supermicro"`
SetupChassis *SetupChassis `yaml:"setupChassis"`
}
// Power struct holds Power settings configuration for each vendor.
// Only an HPE section is defined here; the HPE type itself is not declared in
// this file.
type Power struct {
HPE *HPE `yaml:"hpe"`
}
// Bios struct holds bios configuration for each vendor.
// Only a Dell section is defined here; the Dell type itself is not declared in
// this file.
type Bios struct {
Dell *Dell `yaml:"dell"`
}
// BladeBmcAccount declares attributes for a Blade BMC user to be managed through the chassis.
// It is used for both SetupChassis.AddBladeBmcAdmins and
// SetupChassis.RemoveBladeBmcUsers.
type BladeBmcAccount struct {
Name string `yaml:"name"`
// Password is held as a plain string taken from the YAML config; restrict
// read access to that file and avoid formatting this struct with %v/%+v.
Password string `yaml:"password"`
}
// flexAddress enables or disables virtual MAC addresses for blades in a chassis.
// FlexAddresses in M1000e jargon.
// Virtual connect in HP C7000 jargon.
// The type is unexported; in this file it is only reachable through
// SetupChassis.FlexAddress.
type flexAddress struct {
Enable bool `yaml:"enable"`
}
// ipmiOverLan is the chassis section referenced by SetupChassis.IpmiOverLan.
// NOTE(review): presumably toggles IPMI-over-LAN for the blades; that is a
// network-reachable management interface, so confirm with the consumer what
// an absent section (nil pointer) and Enable=false each result in.
type ipmiOverLan struct {
Enable bool `yaml:"enable"`
}
// dynamicPower is the chassis section referenced by SetupChassis.DynamicPower.
// 'Dynamic Power' in HP C7000 Jargon.
// 'DPSE' (dynamic PSU engagement) in M1000e Dell jargon.
type dynamicPower struct {
Enable bool `yaml:"enable"`
}
// bladesPower ensures the power state on all blades in a chassis.
// It is the section referenced by SetupChassis.BladesPower.
type bladesPower struct {
Enable bool `yaml:"enable"`
}
// User struct holds a BMC user account configuration.
type User struct {
Name string `yaml:"name"`
// Password is held as a plain string taken from the YAML config; restrict
// read access to that file and avoid formatting this struct with %v/%+v.
Password string `yaml:"password"`
// Role is a free-form string here; which values are accepted is decided by
// the code that applies the configuration, not by this struct.
Role string `yaml:"role"`
// The three flags below are plain bools: a key that is missing from the
// YAML and an explicit false both end up as false.
Enable bool `yaml:"enable,omitempty"`
SolEnable bool `yaml:"solEnable,omitempty"`
SNMPv3Enable bool `yaml:"snmpV3Enable,omitempty"`
}
// Syslog struct holds BMC syslog configuration.
type Syslog struct {
Server string `yaml:"server"`
// Port and Enable are tagged omitempty, so zero values are dropped when the
// struct is marshalled; a missing key decodes to 0 / false.
// NOTE(review): how a Port of 0 is handled is up to the consumer - confirm.
Port int `yaml:"port,omitempty"`
Enable bool `yaml:"enable,omitempty"`
}
// Ldap struct holds BMC LDAP configuration.
// This struct has no bind-password field and no field that selects TLS or
// StartTLS.
// NOTE(review): confirm with the consumer how the bind is authenticated and
// how the connection to Server:Port is protected.
type Ldap struct {
Server string `yaml:"server"`
Port int `yaml:"port"`
Enable bool `yaml:"enable"`
Role string `yaml:"role"`
BaseDn string `yaml:"baseDn"` // BaseDN is the starting point of the LDAP tree search.
BindDn string `yaml:"bindDn"` // BindDN is used to gain access to the LDAP tree.
Group string `yaml:"group"`
GroupBaseDn string `yaml:"groupBaseDn"`
UserAttribute string `yaml:"userAttribute"`
GroupAttribute string `yaml:"groupAttribute"`
// SearchFilter is carried as an opaque string; nothing in this file
// validates or escapes it.
SearchFilter string `yaml:"searchFilter"`
}
// License struct holds BMC licensing configuration.
type License struct {
// Key is stored as a plain string.
// NOTE(review): presumably a vendor licence key - treat it like a secret
// (file permissions, no logging) unless confirmed otherwise.
Key string `yaml:"key"`
}
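// LdapBin names the external program GetExtraGroups runs to obtain extra
// LDAP groups at runtime: Executor is started with Path as its first argument.
// Both values come straight from configuration and decide what is executed
// with this process's privileges, so the config file and the script should be
// writable by trusted operators only.
type LdapBin struct {
	Executor string `yaml:"executor"`
	Path     string `yaml:"path"`
}

// LdapGroups holds all group-related configuration parameters.
// ExtraAdminGroups and ExtraUserGroups are used in combination with Bin to
// add more groups at runtime; they carry json tags because they are filled
// from the script's JSON output ("admins" and "users"), not from YAML.
type LdapGroups struct {
	Bin              *LdapBin     `yaml:"bin"`
	Groups           []*LdapGroup `yaml:"groups"`
	ExtraAdminGroups []*LdapGroup `json:"admins"`
	ExtraUserGroups  []*LdapGroup `json:"users"`
}

// GetExtraGroups runs the configured script and appends the groups it reports
// to l.Groups.
//
// If you want to add extra groups at runtime using a script, you have
// the option of specifying
//   - Bin.Executor: Usually /bin/sh or /bin/bash and the like.
//   - Bin.Path: Path to your actual script.
//
// You get the serial of the asset and its vendor as two arguments.
// If you want more, create a GitHub issue and we will take a look.
//
// The script must print a JSON object with the optional keys "admins" and
// "users", each a list of LdapGroup objects. Only those two keys are honoured:
// the output is decoded into a dedicated struct so that it cannot replace
// l.Bin (the program to execute) or the statically configured l.Groups.
//
// It returns "nothing" when no script is configured and "success" once the
// groups were appended. On failure it returns the script's output together
// with the error, for diagnostics.
//
// serial and vendor are handed over as separate arguments (no shell parses
// them here), but the script still has to treat them as untrusted data.
// stdout and stderr are captured together, so anything the script writes to
// stderr becomes part of the bytes that are parsed as JSON. No timeout is
// applied: the call blocks until the script exits.
func (l *LdapGroups) GetExtraGroups(serial, vendor string) (string, error) {
	// A missing receiver, a missing `bin` section or an empty path all mean
	// there is no script to run; previously a nil Bin caused a panic here.
	if l == nil || l.Bin == nil || l.Bin.Path == "" {
		return "nothing", nil
	}

	cmd := exec.Command(l.Bin.Executor, l.Bin.Path, serial, vendor)
	out, err := cmd.CombinedOutput()
	if err != nil {
		return string(out), err
	}

	// Decode into a narrow struct instead of into l itself: encoding/json
	// matches untagged exported fields by name, so decoding into LdapGroups
	// would let the output overwrite Bin and Groups, and a bare JSON `null`
	// decoded through &l would nil the receiver and crash on the appends
	// below. The struct is seeded with the current values so that an omitted
	// key leaves them unchanged, as before.
	extra := struct {
		Admins []*LdapGroup `json:"admins"`
		Users  []*LdapGroup `json:"users"`
	}{Admins: l.ExtraAdminGroups, Users: l.ExtraUserGroups}
	if err := json.Unmarshal(out, &extra); err != nil {
		return string(out), err
	}
	l.ExtraAdminGroups = extra.Admins
	l.ExtraUserGroups = extra.Users

	l.Groups = append(l.Groups, l.ExtraAdminGroups...)
	l.Groups = append(l.Groups, l.ExtraUserGroups...)
	return "success", nil
}

// LdapGroup struct holds a single BMC LDAP role group configuration.
// It only has yaml tags, so when it is decoded from the script's JSON output
// the keys are matched against the Go field names (Role, Group, GroupBaseDn,
// Enable), case-insensitively.
type LdapGroup struct {
	Role        string `yaml:"role"`
	Group       string `yaml:"group"`
	GroupBaseDn string `yaml:"groupBaseDn"`
	Enable      bool   `yaml:"enable"`
}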
// HTTPSCert struct holds BMC HTTPs cert configuration.
// The struct only describes renewal policy and certificate attributes; no key
// material is stored in it.
type HTTPSCert struct {
// Renew cert if it will expire in this time period.
RenewBeforeExpiry time.Duration `yaml:"renewBeforeExpiry"`
// Validate these attributes when renewing certs
ValidateAttributes []string `yaml:"validateAttributes"`
// Attributes is a pointer and is nil when the section is absent.
Attributes *HTTPSCertAttributes `yaml:"attributes"`
}
// HTTPSCertAttributes declares attributes that are part of a cert.
// All values are free-form strings; nothing in this file validates them.
type HTTPSCertAttributes struct {
CommonName string `yaml:"commonName"`
OrganizationName string `yaml:"organizationName"`
OrganizationUnit string `yaml:"organizationUnit"`
Locality string `yaml:"locality"`
StateName string `yaml:"stateName"`
CountryCode string `yaml:"countryCode"`
Email string `yaml:"email"`
// SubjectAltName is a single string.
// NOTE(review): how several SAN entries are encoded in it is not visible
// here - confirm against the code that builds the CSR.
SubjectAltName string `yaml:"subjectAltName"`
}
// Network struct holds BMC network configuration.
// The *Enable fields are plain bools, so a key that is missing from the YAML
// decodes to false, the same as an explicit false.
// NOTE(review): SSH, SNMP, SOL and IPMI are each a remotely reachable
// management service; confirm with the consumer that false really disables
// the service rather than leaving the BMC's current setting in place.
type Network struct {
Hostname string `yaml:"hostname"`
DNSFromDHCP bool `yaml:"dnsFromDhcp"`
SSHEnable bool `yaml:"sshEnable"`
SSHPort int `yaml:"sshPort"`
SNMPEnable bool `yaml:"snmpEnable"`
SolEnable bool `yaml:"solEnable"` // SerialOverLan
IpmiEnable bool `yaml:"ipmiEnable"`
DhcpEnable bool `yaml:"dhcpEnable"`
// Port fields are plain ints with a zero value of 0; no range check is
// performed in this file.
IpmiPort int `yaml:"ipmiPort"`
KVMMediaPort int `yaml:"kvmMediaPort"`
KVMConsolePort int `yaml:"kvmConsolePort"`
DDNSEnable bool `yaml:"ddnsEnable"`
}
// Ntp struct holds BMC NTP configuration.
// Up to three servers can be given; unused ones stay as the empty string.
type Ntp struct {
Enable bool `yaml:"enable"`
Server1 string `yaml:"server1"`
Server2 string `yaml:"server2"`
Server3 string `yaml:"server3"`
// Timezone is a free-form string; its expected format is not defined in
// this file.
Timezone string `yaml:"timezone"`
}