wip: example score with impl topolgy for opnsense topology
@@ -18,3 +18,4 @@ log = { workspace = true }
|
|||||||
env_logger = { workspace = true }
|
env_logger = { workspace = true }
|
||||||
url = { workspace = true }
|
url = { workspace = true }
|
||||||
serde.workspace = true
|
serde.workspace = true
|
||||||
|
async-trait.workspace = true
|
||||||
|
|||||||
@@ -3,99 +3,66 @@ use std::{
|
|||||||
sync::Arc,
|
sync::Arc,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
use async_trait::async_trait;
|
||||||
use cidr::Ipv4Cidr;
|
use cidr::Ipv4Cidr;
|
||||||
use harmony::{
|
use harmony::{
|
||||||
|
executors::ExecutorError,
|
||||||
hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
|
hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
|
||||||
infra::opnsense::OPNSenseManagementInterface,
|
infra::opnsense::OPNSenseManagementInterface,
|
||||||
inventory::Inventory,
|
inventory::Inventory,
|
||||||
modules::opnsense::node_exporter::NodeExporterScore,
|
modules::opnsense::node_exporter::NodeExporterScore,
|
||||||
topology::{HAClusterTopology, LogicalHost, UnmanagedRouter},
|
topology::{
|
||||||
|
HAClusterTopology, LogicalHost, PreparationError, PreparationOutcome, Topology,
|
||||||
|
UnmanagedRouter, node_exporter::NodeExporter,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
use harmony_macros::{ip, ipv4, mac_address};
|
use harmony_macros::{ip, ipv4, mac_address};
|
||||||
|
|
||||||
|
struct OpnSenseTopology {
|
||||||
|
node_exporter: Arc<dyn NodeExporter>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[async_trait]
|
||||||
|
impl Topology for OpnSenseTopology {
|
||||||
|
async fn ensure_ready(&self) -> Result<PreparationOutcome, PreparationError> {
|
||||||
|
Ok(PreparationOutcome::Success{ details: "Success".to_string() })
|
||||||
|
}
|
||||||
|
fn name(&self) -> &str {
|
||||||
|
"OpnsenseTopology"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[async_trait]
|
||||||
|
impl NodeExporter for OpnSenseTopology {
|
||||||
|
async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
|
||||||
|
self.node_exporter.ensure_initialized().await
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn commit_config(&self) -> Result<(), ExecutorError> {
|
||||||
|
self.node_exporter.commit_config().await
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn reload_restart(&self) -> Result<(), ExecutorError> {
|
||||||
|
self.node_exporter.reload_restart().await
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[tokio::main]
|
#[tokio::main]
|
||||||
async fn main() {
|
async fn main() {
|
||||||
let firewall = harmony::topology::LogicalHost {
|
let firewall = harmony::topology::LogicalHost {
|
||||||
ip: ip!("192.168.33.1"),
|
ip: ip!("192.168.1.1"),
|
||||||
name: String::from("fw0"),
|
name: String::from("fw0"),
|
||||||
};
|
};
|
||||||
|
|
||||||
let opnsense = Arc::new(
|
let opnsense = Arc::new(
|
||||||
harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
|
harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
|
||||||
);
|
);
|
||||||
let lan_subnet = Ipv4Addr::new(192, 168, 33, 0);
|
|
||||||
let gateway_ipv4 = Ipv4Addr::new(192, 168, 33, 1);
|
let topology = OpnSenseTopology {
|
||||||
let gateway_ip = IpAddr::V4(gateway_ipv4);
|
|
||||||
let topology = harmony::topology::HAClusterTopology {
|
|
||||||
domain_name: "ncd0.harmony.mcd".to_string(),
|
|
||||||
router: Arc::new(UnmanagedRouter::new(
|
|
||||||
gateway_ip,
|
|
||||||
Ipv4Cidr::new(lan_subnet, 24).unwrap(),
|
|
||||||
)),
|
|
||||||
load_balancer: opnsense.clone(),
|
|
||||||
firewall: opnsense.clone(),
|
|
||||||
tftp_server: opnsense.clone(),
|
|
||||||
http_server: opnsense.clone(),
|
|
||||||
dhcp_server: opnsense.clone(),
|
|
||||||
dns_server: opnsense.clone(),
|
|
||||||
control_plane: vec![
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.20"),
|
|
||||||
name: "cp0".to_string(),
|
|
||||||
},
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.21"),
|
|
||||||
name: "cp1".to_string(),
|
|
||||||
},
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.22"),
|
|
||||||
name: "cp2".to_string(),
|
|
||||||
},
|
|
||||||
],
|
|
||||||
bootstrap_host: LogicalHost {
|
|
||||||
ip: ip!("192.168.33.66"),
|
|
||||||
name: "bootstrap".to_string(),
|
|
||||||
},
|
|
||||||
workers: vec![
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.30"),
|
|
||||||
name: "wk0".to_string(),
|
|
||||||
},
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.31"),
|
|
||||||
name: "wk1".to_string(),
|
|
||||||
},
|
|
||||||
LogicalHost {
|
|
||||||
ip: ip!("192.168.33.32"),
|
|
||||||
name: "wk2".to_string(),
|
|
||||||
},
|
|
||||||
],
|
|
||||||
switch: vec![],
|
|
||||||
node_exporter: opnsense.clone(),
|
node_exporter: opnsense.clone(),
|
||||||
};
|
};
|
||||||
|
|
||||||
let inventory = Inventory {
|
let inventory = Inventory::empty();
|
||||||
location: Location::new("I am mobile".to_string(), "earth".to_string()),
|
|
||||||
switch: SwitchGroup::from([]),
|
|
||||||
firewall_mgmt: Box::new(OPNSenseManagementInterface::new()),
|
|
||||||
storage_host: vec![],
|
|
||||||
worker_host: vec![
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:02:61:0F")),
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:02:61:26")),
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:02:61:70")),
|
|
||||||
],
|
|
||||||
control_plane_host: vec![
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:02:60:FA")),
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:02:61:1A")),
|
|
||||||
PhysicalHost::empty(HostCategory::Server)
|
|
||||||
.mac_address(mac_address!("C4:62:37:01:BC:68")),
|
|
||||||
],
|
|
||||||
};
|
|
||||||
|
|
||||||
let node_exporter_score = NodeExporterScore {};
|
let node_exporter_score = NodeExporterScore {};
|
||||||
|
|
||||||
|
|||||||
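Review bot: `ensure_ready` in the new `impl Topology for OpnSenseTopology` returns `PreparationOutcome::Success` unconditionally, so a run reports the topology as prepared even if the firewall is unreachable or the wrapped `node_exporter` cannot be initialised. If the trait contract allows it, calling `self.node_exporter.ensure_initialized().await` there and mapping the failure into `PreparationError` would make the outcome reflect a real check; at minimum a comment such as `// example only: no readiness probe is performed` should say so. Separately, the unchanged `OPNSenseFirewall::new(firewall, None, "root", "opnsense")` keeps a root login in source while this commit retargets the host to `192.168.1.1`; reading the user and password from the environment (for example a constructed name like `OPNSENSE_PASSWORD`) would stop the example from carrying credentials. `main` continues past the end of the hunk, and the imports left over from the removed `HAClusterTopology` and `Inventory` literals look unused now, though the import block is only partly visible.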
@@ -25,7 +25,7 @@ impl NodeExporter for OPNSenseFirewall {
|
|||||||
})?;
|
})?;
|
||||||
}
|
}
|
||||||
|
|
||||||
config.node_exporter().enable(true);
|
config.node_exporter().enable(true).map_err(|e|ExecutorError::UnexpectedError(e.to_string()))?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
async fn commit_config(&self) -> Result<(), ExecutorError> {
|
async fn commit_config(&self) -> Result<(), ExecutorError> {
|
||||||
|
|||||||
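Review bot: The new `map_err` on `config.node_exporter().enable(true)` keeps only `e.to_string()`, so the `ExecutorError::UnexpectedError` that reaches the caller does not say which step failed. Prefixing the message would make the failure attributable in logs, `.map_err(|e| ExecutorError::UnexpectedError(format!("enabling node_exporter failed: {e}")))?;`. Running rustfmt would also restore the missing space in `|e|ExecutorError`. The enclosing function (presumably `ensure_initialized`) starts outside the hunk.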
@@ -17,7 +17,7 @@ pub struct OPNsense {
|
|||||||
pub interfaces: NamedList<Interface>,
|
pub interfaces: NamedList<Interface>,
|
||||||
pub dhcpd: NamedList<DhcpInterface>,
|
pub dhcpd: NamedList<DhcpInterface>,
|
||||||
pub snmpd: Snmpd,
|
pub snmpd: Snmpd,
|
||||||
pub syslog: Syslog,
|
pub syslog: Option<Syslog>,
|
||||||
pub nat: Nat,
|
pub nat: Nat,
|
||||||
pub filter: Filters,
|
pub filter: Filters,
|
||||||
pub load_balancer: Option<LoadBalancer>,
|
pub load_balancer: Option<LoadBalancer>,
|
||||||
@@ -190,7 +190,7 @@ pub struct System {
|
|||||||
pub webgui: WebGui,
|
pub webgui: WebGui,
|
||||||
pub usevirtualterminal: u8,
|
pub usevirtualterminal: u8,
|
||||||
pub disablenatreflection: Option<String>,
|
pub disablenatreflection: Option<String>,
|
||||||
pub disableconsolemenu: u8,
|
pub disableconsolemenu: Option<u8>,
|
||||||
pub disablevlanhwfilter: u8,
|
pub disablevlanhwfilter: u8,
|
||||||
pub disablechecksumoffloading: u8,
|
pub disablechecksumoffloading: u8,
|
||||||
pub disablesegmentationoffloading: u8,
|
pub disablesegmentationoffloading: u8,
|
||||||
@@ -216,7 +216,7 @@ pub struct System {
|
|||||||
pub maximumfrags: Option<MaybeString>,
|
pub maximumfrags: Option<MaybeString>,
|
||||||
pub aliasesresolveinterval: Option<MaybeString>,
|
pub aliasesresolveinterval: Option<MaybeString>,
|
||||||
pub maximumtableentries: Option<MaybeString>,
|
pub maximumtableentries: Option<MaybeString>,
|
||||||
pub language: String,
|
pub language: Option<String>,
|
||||||
pub dnsserver: Option<MaybeString>,
|
pub dnsserver: Option<MaybeString>,
|
||||||
pub dns1gw: Option<String>,
|
pub dns1gw: Option<String>,
|
||||||
pub dns2gw: Option<String>,
|
pub dns2gw: Option<String>,
|
||||||
@@ -233,16 +233,16 @@ pub struct System {
|
|||||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||||
pub struct Ssh {
|
pub struct Ssh {
|
||||||
pub group: String,
|
pub group: String,
|
||||||
pub noauto: u8,
|
pub noauto: Option<u8>,
|
||||||
pub interfaces: MaybeString,
|
pub interfaces: Option<MaybeString>,
|
||||||
pub kex: MaybeString,
|
pub kex: Option<MaybeString>,
|
||||||
pub ciphers: MaybeString,
|
pub ciphers: Option<MaybeString>,
|
||||||
pub macs: MaybeString,
|
pub macs: Option<MaybeString>,
|
||||||
pub keys: MaybeString,
|
pub keys: Option<MaybeString>,
|
||||||
pub enabled: String,
|
pub enabled: Option<String>,
|
||||||
pub passwordauth: u8,
|
pub passwordauth: Option<u8>,
|
||||||
pub keysig: MaybeString,
|
pub keysig: Option<MaybeString>,
|
||||||
pub permitrootlogin: u8,
|
pub permitrootlogin: Option<u8>,
|
||||||
pub rekeylimit: Option<MaybeString>,
|
pub rekeylimit: Option<MaybeString>,
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -306,11 +306,11 @@ pub struct WebGui {
|
|||||||
pub protocol: String,
|
pub protocol: String,
|
||||||
#[yaserde(rename = "ssl-certref")]
|
#[yaserde(rename = "ssl-certref")]
|
||||||
pub ssl_certref: String,
|
pub ssl_certref: String,
|
||||||
pub port: MaybeString,
|
pub port: Option<MaybeString>,
|
||||||
#[yaserde(rename = "ssl-ciphers")]
|
#[yaserde(rename = "ssl-ciphers")]
|
||||||
pub ssl_ciphers: MaybeString,
|
pub ssl_ciphers: Option<MaybeString>,
|
||||||
pub interfaces: MaybeString,
|
pub interfaces: Option<MaybeString>,
|
||||||
pub compression: MaybeString,
|
pub compression: Option<MaybeString>,
|
||||||
pub nohttpreferercheck: Option<u8>,
|
pub nohttpreferercheck: Option<u8>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
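Review bot: In the `Ssh` hunk, `permitrootlogin`, `passwordauth` and `enabled` become `Option<…>` with no comment on what `None` means, so any caller that reads them to decide whether root or password login is allowed now has a third state to handle. A doc comment on each field would pin the contract, e.g. `/// None = element absent from config.xml; callers must treat this as "not set", never as enabled`, provided that matches how OPNsense itself reads a missing element. A round-trip test would also help: parse a config with these elements missing and assert they are still absent after serialising, since a written-back default would silently change the firewall's SSH settings. The same applies to `syslog`, `disableconsolemenu`, `language` and the `WebGui` fields in the other hunks, where `Option<MaybeString>` presumably now distinguishes absent from empty. `OPNsense`, `System` and `WebGui` start outside their hunks.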