fix:cargo fmt

some formatting error

examples/ha_cluster/README.md

@@ -1,15 +0,0 @@
-## OPNSense demo
-
-Download the virtualbox snapshot from {{TODO URL}}
-
-Start the virtualbox image
-
-This virtualbox image is configured to use a bridge on the host's physical interface, make sure the bridge is up and the virtual machine can reach internet.
-
-Credentials are opnsense default (root/opnsense)
-
-Run the project with the correct ip address on the command line :
-
-```bash
-cargo run -p example-opnsense -- 192.168.5.229
-```

examples/ha_cluster/src/main.rs

@@ -1,141 +0,0 @@
-use std::{
-    net::{IpAddr, Ipv4Addr},
-    sync::Arc,
-};
-
-use brocade::BrocadeOptions;
-use cidr::Ipv4Cidr;
-use harmony::{
-    hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
-    inventory::Inventory,
-    modules::{
-        dummy::{ErrorScore, PanicScore, SuccessScore},
-        http::StaticFilesHttpScore,
-        okd::{dhcp::OKDDhcpScore, dns::OKDDnsScore, load_balancer::OKDLoadBalancerScore},
-        opnsense::OPNsenseShellCommandScore,
-        tftp::TftpScore,
-    },
-    topology::{LogicalHost, UnmanagedRouter},
-};
-use harmony_macros::{ip, mac_address};
-use harmony_secret::{Secret, SecretManager};
-use harmony_types::net::Url;
-use serde::{Deserialize, Serialize};
-
-#[tokio::main]
-async fn main() {
-    let firewall = harmony::topology::LogicalHost {
-        ip: ip!("192.168.5.229"),
-        name: String::from("opnsense-1"),
-    };
-
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.5.101")]; // TODO: Adjust me
-    let brocade_options = Some(BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    });
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
-    let switch_client = Arc::new(switch_client);
-
-    let opnsense = Arc::new(
-        harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
-    );
-    let lan_subnet = Ipv4Addr::new(10, 100, 8, 0);
-    let gateway_ipv4 = Ipv4Addr::new(10, 100, 8, 1);
-    let gateway_ip = IpAddr::V4(gateway_ipv4);
-    let topology = harmony::topology::HAClusterTopology {
-        kubeconfig: None,
-        domain_name: "demo.harmony.mcd".to_string(),
-        router: Arc::new(UnmanagedRouter::new(
-            gateway_ip,
-            Ipv4Cidr::new(lan_subnet, 24).unwrap(),
-        )),
-        load_balancer: opnsense.clone(),
-        firewall: opnsense.clone(),
-        tftp_server: opnsense.clone(),
-        http_server: opnsense.clone(),
-        dhcp_server: opnsense.clone(),
-        dns_server: opnsense.clone(),
-        control_plane: vec![LogicalHost {
-            ip: ip!("10.100.8.20"),
-            name: "cp0".to_string(),
-        }],
-        bootstrap_host: LogicalHost {
-            ip: ip!("10.100.8.20"),
-            name: "cp0".to_string(),
-        },
-        workers: vec![],
-        switch_client: switch_client.clone(),
-    };
-
-    let inventory = Inventory {
-        location: Location::new(
-            "232 des Éperviers, Wendake, Qc, G0A 4V0".to_string(),
-            "wk".to_string(),
-        ),
-        switch: SwitchGroup::from([]),
-        firewall_mgmt: Box::new(OPNSenseManagementInterface::new()),
-        storage_host: vec![],
-        worker_host: vec![],
-        control_plane_host: vec![
-            PhysicalHost::empty(HostCategory::Server)
-                .mac_address(mac_address!("08:00:27:62:EC:C3")),
-        ],
-    };
-
-    // TODO regroup smaller scores in a larger one such as this
-    // let okd_boostrap_preparation();
-
-    let dhcp_score = OKDDhcpScore::new(&topology, &inventory);
-    let dns_score = OKDDnsScore::new(&topology);
-    let load_balancer_score = OKDLoadBalancerScore::new(&topology);
-
-    let tftp_score = TftpScore::new(Url::LocalFolder("./data/watchguard/tftpboot".to_string()));
-    let http_score = StaticFilesHttpScore {
-        folder_to_serve: Some(Url::LocalFolder(
-            "./data/watchguard/pxe-http-files".to_string(),
-        )),
-        files: vec![],
-        remote_path: None,
-    };
-
-    harmony_tui::run(
-        inventory,
-        topology,
-        vec![
-            Box::new(dns_score),
-            Box::new(dhcp_score),
-            Box::new(load_balancer_score),
-            Box::new(tftp_score),
-            Box::new(http_score),
-            Box::new(OPNsenseShellCommandScore {
-                opnsense: opnsense.get_opnsense_config(),
-                command: "touch /tmp/helloharmonytouching".to_string(),
-            }),
-            Box::new(SuccessScore {}),
-            Box::new(ErrorScore {}),
-            Box::new(PanicScore {}),
-        ],
-    )
-    .await
-    .unwrap();
-}
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

examples/nanodc/src/main.rs

@@ -106,6 +106,7 @@ async fn main() {
                 name: "wk2".to_string(),
             },
         ],
+        node_exporter: opnsense.clone(),
         switch_client: switch_client.clone(),
     };
 

examples/okd_installation/src/topology.rs

@@ -80,6 +80,7 @@ pub async fn get_topology() -> HAClusterTopology {
             name: "bootstrap".to_string(),
         },
         workers: vec![],
+        node_exporter: opnsense.clone(),
         switch_client: switch_client.clone(),
     }
 }

examples/okd_pxe/src/topology.rs

@@ -75,6 +75,7 @@ pub async fn get_topology() -> HAClusterTopology {
             name: "cp0".to_string(),
         },
         workers: vec![],
+        node_exporter: opnsense.clone(),
         switch_client: switch_client.clone(),
     }
 }

examples/opnsense/Cargo.toml

@@ -8,7 +8,7 @@ publish = false
 
 [dependencies]
 harmony = { path = "../../harmony" }
-harmony_cli = { path = "../../harmony_cli" }
+harmony_tui = { path = "../../harmony_tui" }
 harmony_types = { path = "../../harmony_types" }
 cidr = { workspace = true }
 tokio = { workspace = true }

examples/opnsense/env.sh

@@ -1,3 +0,0 @@
-export HARMONY_SECRET_NAMESPACE=example-opnsense
-export HARMONY_SECRET_STORE=file
-export RUST_LOG=info

examples/opnsense/src/main.rs

@@ -1,70 +1,135 @@
-use harmony::{
-    config::secret::OPNSenseFirewallCredentials,
-    infra::opnsense::OPNSenseFirewall,
-    inventory::Inventory,
-    modules::{dhcp::DhcpScore, opnsense::OPNsenseShellCommandScore},
-    topology::LogicalHost,
+use std::{
+    net::{IpAddr, Ipv4Addr},
+    sync::Arc,
 };
-use harmony_macros::{ip, ipv4};
+
+use brocade::BrocadeOptions;
+use cidr::Ipv4Cidr;
+use harmony::{
+    hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
+    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    inventory::Inventory,
+    modules::{
+        dummy::{ErrorScore, PanicScore, SuccessScore},
+        http::StaticFilesHttpScore,
+        okd::{dhcp::OKDDhcpScore, dns::OKDDnsScore, load_balancer::OKDLoadBalancerScore},
+        opnsense::OPNsenseShellCommandScore,
+        tftp::TftpScore,
+    },
+    topology::{LogicalHost, UnmanagedRouter},
+};
+use harmony_macros::{ip, mac_address};
 use harmony_secret::{Secret, SecretManager};
+use harmony_types::net::Url;
 use serde::{Deserialize, Serialize};
 
 #[tokio::main]
 async fn main() {
-    let firewall = LogicalHost {
-        ip: ip!("192.168.55.1"),
+    let firewall = harmony::topology::LogicalHost {
+        ip: ip!("192.168.5.229"),
         name: String::from("opnsense-1"),
     };
 
-    let opnsense_auth = SecretManager::get_or_prompt::<OPNSenseFirewallCredentials>()
+    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
         .await
         .expect("Failed to get credentials");
 
-    let opnsense = OPNSenseFirewall::new(
-        firewall,
-        None,
-        &opnsense_auth.username,
-        &opnsense_auth.password,
+    let switches: Vec<IpAddr> = vec![ip!("192.168.5.101")]; // TODO: Adjust me
+    let brocade_options = Some(BrocadeOptions {
+        dry_run: *harmony::config::DRY_RUN,
+        ..Default::default()
+    });
+    let switch_client = BrocadeSwitchClient::init(
+        &switches,
+        &switch_auth.username,
+        &switch_auth.password,
+        brocade_options,
     )
-    .await;
+    .await
+    .expect("Failed to connect to switch");
 
-    let dhcp_score = DhcpScore {
-        dhcp_range: (
-            ipv4!("192.168.55.100").into(),
-            ipv4!("192.168.55.150").into(),
-        ),
-        host_binding: vec![],
-        next_server: None,
-        boot_filename: None,
-        filename: None,
-        filename64: None,
-        filenameipxe: Some("filename.ipxe".to_string()),
-        domain: None,
+    let switch_client = Arc::new(switch_client);
+
+    let opnsense = Arc::new(
+        harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
+    );
+    let lan_subnet = Ipv4Addr::new(10, 100, 8, 0);
+    let gateway_ipv4 = Ipv4Addr::new(10, 100, 8, 1);
+    let gateway_ip = IpAddr::V4(gateway_ipv4);
+    let topology = harmony::topology::HAClusterTopology {
+        kubeconfig: None,
+        domain_name: "demo.harmony.mcd".to_string(),
+        router: Arc::new(UnmanagedRouter::new(
+            gateway_ip,
+            Ipv4Cidr::new(lan_subnet, 24).unwrap(),
+        )),
+        load_balancer: opnsense.clone(),
+        firewall: opnsense.clone(),
+        tftp_server: opnsense.clone(),
+        http_server: opnsense.clone(),
+        dhcp_server: opnsense.clone(),
+        dns_server: opnsense.clone(),
+        control_plane: vec![LogicalHost {
+            ip: ip!("10.100.8.20"),
+            name: "cp0".to_string(),
+        }],
+        bootstrap_host: LogicalHost {
+            ip: ip!("10.100.8.20"),
+            name: "cp0".to_string(),
+        },
+        workers: vec![],
+        node_exporter: opnsense.clone(),
+        switch_client: switch_client.clone(),
     };
-    // let dns_score = OKDDnsScore::new(&topology);
-    // let load_balancer_score = OKDLoadBalancerScore::new(&topology);
-    //
-    // let tftp_score = TftpScore::new(Url::LocalFolder("./data/watchguard/tftpboot".to_string()));
-    // let http_score = StaticFilesHttpScore {
-    //     folder_to_serve: Some(Url::LocalFolder(
-    //         "./data/watchguard/pxe-http-files".to_string(),
-    //     )),
-    //     files: vec![],
-    //     remote_path: None,
-    // };
-    let opnsense_config = opnsense.get_opnsense_config();
 
-    harmony_cli::run(
-        Inventory::autoload(),
-        opnsense,
-        vec![
-            Box::new(dhcp_score),
-            Box::new(OPNsenseShellCommandScore {
-                opnsense: opnsense_config,
-                command: "touch /tmp/helloharmonytouching_2".to_string(),
-            }),
+    let inventory = Inventory {
+        location: Location::new(
+            "232 des Éperviers, Wendake, Qc, G0A 4V0".to_string(),
+            "wk".to_string(),
+        ),
+        switch: SwitchGroup::from([]),
+        firewall_mgmt: Box::new(OPNSenseManagementInterface::new()),
+        storage_host: vec![],
+        worker_host: vec![],
+        control_plane_host: vec![
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("08:00:27:62:EC:C3")),
+        ],
+    };
+
+    // TODO regroup smaller scores in a larger one such as this
+    // let okd_boostrap_preparation();
+
+    let dhcp_score = OKDDhcpScore::new(&topology, &inventory);
+    let dns_score = OKDDnsScore::new(&topology);
+    let load_balancer_score = OKDLoadBalancerScore::new(&topology);
+
+    let tftp_score = TftpScore::new(Url::LocalFolder("./data/watchguard/tftpboot".to_string()));
+    let http_score = StaticFilesHttpScore {
+        folder_to_serve: Some(Url::LocalFolder(
+            "./data/watchguard/pxe-http-files".to_string(),
+        )),
+        files: vec![],
+        remote_path: None,
+    };
+
+    harmony_tui::run(
+        inventory,
+        topology,
+        vec![
+            Box::new(dns_score),
+            Box::new(dhcp_score),
+            Box::new(load_balancer_score),
+            Box::new(tftp_score),
+            Box::new(http_score),
+            Box::new(OPNsenseShellCommandScore {
+                opnsense: opnsense.get_opnsense_config(),
+                command: "touch /tmp/helloharmonytouching".to_string(),
+            }),
+            Box::new(SuccessScore {}),
+            Box::new(ErrorScore {}),
+            Box::new(PanicScore {}),
         ],
-        None,
     )
     .await
     .unwrap();

examples/opnsense_node_exporter/Cargo.toml

@@ -1,21 +1,21 @@
 [package]
-name = "example-ha-cluster"
+name = "example-opnsense-node-exporter"
 edition = "2024"
 version.workspace = true
 readme.workspace = true
 license.workspace = true
-publish = false
 
 [dependencies]
 harmony = { path = "../../harmony" }
-harmony_tui = { path = "../../harmony_tui" }
+harmony_cli = { path = "../../harmony_cli" }
 harmony_types = { path = "../../harmony_types" }
+harmony_secret = { path = "../../harmony_secret" }
+harmony_secret_derive = { path = "../../harmony_secret_derive" }
 cidr = { workspace = true }
 tokio = { workspace = true }
 harmony_macros = { path = "../../harmony_macros" }
 log = { workspace = true }
 env_logger = { workspace = true }
 url = { workspace = true }
-harmony_secret = { path = "../../harmony_secret" }
-brocade = { path = "../../brocade" }
-serde = { workspace = true }
+serde.workspace = true
+async-trait.workspace = true

examples/opnsense_node_exporter/src/main.rs

@@ -0,0 +1,79 @@
+use std::{
+    net::{IpAddr, Ipv4Addr},
+    sync::Arc,
+};
+
+use async_trait::async_trait;
+use cidr::Ipv4Cidr;
+use harmony::{
+    executors::ExecutorError,
+    hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
+    infra::opnsense::OPNSenseManagementInterface,
+    inventory::Inventory,
+    modules::opnsense::node_exporter::NodeExporterScore,
+    topology::{
+        HAClusterTopology, LogicalHost, PreparationError, PreparationOutcome, Topology,
+        UnmanagedRouter, node_exporter::NodeExporter,
+    },
+};
+use harmony_macros::{ip, ipv4, mac_address};
+
+struct OpnSenseTopology {
+    node_exporter: Arc<dyn NodeExporter>,
+}
+
+#[async_trait]
+impl Topology for OpnSenseTopology {
+    async fn ensure_ready(&self) -> Result<PreparationOutcome, PreparationError> {
+        Ok(PreparationOutcome::Success {
+            details: "Success".to_string(),
+        })
+    }
+    fn name(&self) -> &str {
+        "OpnsenseTopology"
+    }
+}
+
+#[async_trait]
+impl NodeExporter for OpnSenseTopology {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.ensure_initialized().await
+    }
+
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.commit_config().await
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.reload_restart().await
+    }
+}
+
+#[tokio::main]
+async fn main() {
+    let firewall = harmony::topology::LogicalHost {
+        ip: ip!("192.168.1.1"),
+        name: String::from("fw0"),
+    };
+
+    let opnsense = Arc::new(
+        harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
+    );
+
+    let topology = OpnSenseTopology {
+        node_exporter: opnsense.clone(),
+    };
+
+    let inventory = Inventory::empty();
+
+    let node_exporter_score = NodeExporterScore {};
+
+    harmony_cli::run(
+        inventory,
+        topology,
+        vec![Box::new(node_exporter_score)],
+        None,
+    )
+    .await
+    .unwrap();
+}

harmony/src/domain/maestro/mod.rs

@@ -67,16 +67,16 @@ impl<T: Topology> Maestro<T> {
         }
     }
 
-    fn is_topology_initialized(&self) -> bool {
-        self.topology_state.status == TopologyStatus::Success
-            || self.topology_state.status == TopologyStatus::Noop
-    }
-
     pub fn register_all(&mut self, mut scores: ScoreVec<T>) {
         let mut score_mut = self.scores.write().expect("Should acquire lock");
         score_mut.append(&mut scores);
     }
 
+    fn is_topology_initialized(&self) -> bool {
+        self.topology_state.status == TopologyStatus::Success
+            || self.topology_state.status == TopologyStatus::Noop
+    }
+
     pub async fn interpret(&self, score: Box<dyn Score<T>>) -> Result<Outcome, InterpretError> {
         if !self.is_topology_initialized() {
             warn!(

harmony/src/domain/topology/ha_cluster.rs

@@ -8,12 +8,15 @@ use kube::api::ObjectMeta;
 use log::debug;
 use log::info;
 
-use crate::modules::okd::crd::nmstate::{self, NodeNetworkConfigurationPolicy};
 use crate::topology::PxeOptions;
 use crate::{data::FileContent, modules::okd::crd::nmstate::NMState};
 use crate::{
     executors::ExecutorError, modules::okd::crd::nmstate::NodeNetworkConfigurationPolicySpec,
 };
+use crate::{
+    modules::okd::crd::nmstate::{self, NodeNetworkConfigurationPolicy},
+    topology::node_exporter::NodeExporter,
+};
 
 use super::{
     DHCPStaticEntry, DhcpServer, DnsRecord, DnsRecordType, DnsServer, Firewall, HostNetworkConfig,
@@ -35,6 +38,7 @@ pub struct HAClusterTopology {
     pub tftp_server: Arc<dyn TftpServer>,
     pub http_server: Arc<dyn HttpServer>,
     pub dns_server: Arc<dyn DnsServer>,
+    pub node_exporter: Arc<dyn NodeExporter>,
     pub switch_client: Arc<dyn SwitchClient>,
     pub bootstrap_host: LogicalHost,
     pub control_plane: Vec<LogicalHost>,
@@ -297,6 +301,7 @@ impl HAClusterTopology {
             tftp_server: dummy_infra.clone(),
             http_server: dummy_infra.clone(),
             dns_server: dummy_infra.clone(),
+            node_exporter: dummy_infra.clone(),
             switch_client: dummy_infra.clone(),
             bootstrap_host: dummy_host,
             control_plane: vec![],
@@ -474,6 +479,23 @@ impl Switch for HAClusterTopology {
         self.configure_bond(config).await?;
         self.configure_port_channel(config).await
     }
+
+    //TODO add snmp here
+}
+
+#[async_trait]
+impl NodeExporter for HAClusterTopology {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.ensure_initialized().await
+    }
+
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.commit_config().await
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.reload_restart().await
+    }
 }
 
 #[derive(Debug)]
@@ -663,6 +685,21 @@ impl DnsServer for DummyInfra {
     }
 }
 
+#[async_trait]
+impl NodeExporter for DummyInfra {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
+    }
+
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
+    }
+}
+
 #[async_trait]
 impl SwitchClient for DummyInfra {
     async fn setup(&self) -> Result<(), SwitchError> {

harmony/src/domain/topology/mod.rs

@@ -1,6 +1,6 @@
 mod ha_cluster;
 pub mod ingress;
-pub mod opnsense;
+pub mod node_exporter;
 use harmony_types::net::IpAddress;
 mod host_binding;
 mod http;

harmony/src/domain/topology/node_exporter.rs

@@ -0,0 +1,17 @@
+use async_trait::async_trait;
+
+use crate::executors::ExecutorError;
+
+#[async_trait]
+pub trait NodeExporter: Send + Sync {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError>;
+    async fn commit_config(&self) -> Result<(), ExecutorError>;
+    async fn reload_restart(&self) -> Result<(), ExecutorError>;
+}
+
+//TODO complete this impl
+impl std::fmt::Debug for dyn NodeExporter {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_fmt(format_args!("NodeExporter ",))
+    }
+}

harmony/src/domain/topology/opnsense.rs

@@ -1,23 +0,0 @@
-use async_trait::async_trait;
-use log::info;
-
-use crate::{
-    infra::opnsense::OPNSenseFirewall,
-    topology::{PreparationError, PreparationOutcome, Topology},
-};
-
-#[async_trait]
-impl Topology for OPNSenseFirewall {
-    async fn ensure_ready(&self) -> Result<PreparationOutcome, PreparationError> {
-        // FIXME we should be initializing the opnsense config here instead of
-        // OPNSenseFirewall::new as this causes the config to be loaded too early in
-        // harmony initialization process
-        let details = "OPNSenseFirewall topology is ready".to_string();
-        info!("{}", details);
-        Ok(PreparationOutcome::Success { details })
-    }
-
-    fn name(&self) -> &str {
-        "OPNSenseFirewall"
-    }
-}

harmony/src/infra/opnsense/mod.rs

@@ -4,6 +4,7 @@ mod firewall;
 mod http;
 mod load_balancer;
 mod management;
+pub mod node_exporter;
 mod tftp;
 use std::sync::Arc;
 
@@ -25,8 +26,6 @@ impl OPNSenseFirewall {
         self.host.ip
     }
 
-    /// panics : if the opnsense config file cannot be loaded by the underlying opnsense_config
-    /// crate
     pub async fn new(host: LogicalHost, port: Option<u16>, username: &str, password: &str) -> Self {
         Self {
             opnsense_config: Arc::new(RwLock::new(

harmony/src/infra/opnsense/node_exporter.rs

@@ -0,0 +1,47 @@
+use async_trait::async_trait;
+use log::debug;
+
+use crate::{
+    executors::ExecutorError, infra::opnsense::OPNSenseFirewall,
+    topology::node_exporter::NodeExporter,
+};
+
+#[async_trait]
+impl NodeExporter for OPNSenseFirewall {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        let mut config = self.opnsense_config.write().await;
+        let node_exporter = config.node_exporter();
+        if let Some(config) = node_exporter.get_full_config() {
+            debug!(
+                "Node exporter available in opnsense config, assuming it is already installed. {config:?}"
+            );
+        } else {
+            config
+                .install_package("os-node_exporter")
+                .await
+                .map_err(|e| {
+                        ExecutorError::UnexpectedError(format!("Executor failed when trying to install os-node_exporter package with error {e:?}"
+                                ))
+                    })?;
+        }
+
+        config
+            .node_exporter()
+            .enable(true)
+            .map_err(|e| ExecutorError::UnexpectedError(e.to_string()))?;
+        Ok(())
+    }
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        OPNSenseFirewall::commit_config(self).await
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        self.opnsense_config
+            .write()
+            .await
+            .node_exporter()
+            .reload_restart()
+            .await
+            .map_err(|e| ExecutorError::UnexpectedError(e.to_string()))
+    }
+}

harmony/src/modules/opnsense/mod.rs

@@ -1,3 +1,4 @@
+pub mod node_exporter;
 mod shell;
 mod upgrade;
 pub use shell::*;

harmony/src/modules/opnsense/node_exporter.rs

@@ -0,0 +1,70 @@
+use async_trait::async_trait;
+use harmony_types::id::Id;
+use log::info;
+use serde::Serialize;
+
+use crate::{
+    data::Version,
+    interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
+    inventory::Inventory,
+    score::Score,
+    topology::{Topology, node_exporter::NodeExporter},
+};
+
+#[derive(Debug, Clone, Serialize)]
+pub struct NodeExporterScore {}
+
+impl<T: Topology + NodeExporter> Score<T> for NodeExporterScore {
+    fn name(&self) -> String {
+        "NodeExporterScore".to_string()
+    }
+
+    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
+        Box::new(NodeExporterInterpret {})
+    }
+}
+
+#[derive(Debug)]
+pub struct NodeExporterInterpret {}
+
+#[async_trait]
+impl<T: Topology + NodeExporter> Interpret<T> for NodeExporterInterpret {
+    async fn execute(
+        &self,
+        _inventory: &Inventory,
+        node_exporter: &T,
+    ) -> Result<Outcome, InterpretError> {
+        info!(
+            "Making sure node exporter is initiailized: {:?}",
+            node_exporter.ensure_initialized().await?
+        );
+
+        info!("Applying Node Exporter configuration");
+
+        node_exporter.commit_config().await?;
+
+        info!("Reloading and restarting Node Exporter");
+
+        node_exporter.reload_restart().await?;
+
+        Ok(Outcome::success(format!(
+            "NodeExporter successfully configured"
+        )))
+    }
+
+    fn get_name(&self) -> InterpretName {
+        InterpretName::Custom("NodeExporter")
+    }
+
+    fn get_version(&self) -> Version {
+        todo!()
+    }
+
+    fn get_status(&self) -> InterpretStatus {
+        todo!()
+    }
+
+    fn get_children(&self) -> Vec<Id> {
+        todo!()
+    }
+}

opnsense-config-xml/src/data/opnsense.rs

@@ -17,7 +17,7 @@ pub struct OPNsense {
     pub interfaces: NamedList<Interface>,
     pub dhcpd: NamedList<DhcpInterface>,
     pub snmpd: Snmpd,
-    pub syslog: Syslog,
+    pub syslog: Option<Syslog>,
     pub nat: Nat,
     pub filter: Filters,
     pub load_balancer: Option<LoadBalancer>,
@@ -190,7 +190,7 @@ pub struct System {
     pub webgui: WebGui,
     pub usevirtualterminal: u8,
     pub disablenatreflection: Option<String>,
-    pub disableconsolemenu: u8,
+    pub disableconsolemenu: Option<u8>,
     pub disablevlanhwfilter: u8,
     pub disablechecksumoffloading: u8,
     pub disablesegmentationoffloading: u8,
@@ -216,7 +216,7 @@ pub struct System {
     pub maximumfrags: Option<MaybeString>,
     pub aliasesresolveinterval: Option<MaybeString>,
     pub maximumtableentries: Option<MaybeString>,
-    pub language: Option<MaybeString>,
+    pub language: Option<String>,
     pub dnsserver: Option<MaybeString>,
     pub dns1gw: Option<String>,
     pub dns2gw: Option<String>,
@@ -233,16 +233,16 @@ pub struct System {
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Ssh {
     pub group: String,
-    pub noauto: u8,
-    pub interfaces: MaybeString,
-    pub kex: MaybeString,
-    pub ciphers: MaybeString,
-    pub macs: MaybeString,
-    pub keys: MaybeString,
-    pub enabled: String,
-    pub passwordauth: u8,
-    pub keysig: MaybeString,
-    pub permitrootlogin: u8,
+    pub noauto: Option<u8>,
+    pub interfaces: Option<MaybeString>,
+    pub kex: Option<MaybeString>,
+    pub ciphers: Option<MaybeString>,
+    pub macs: Option<MaybeString>,
+    pub keys: Option<MaybeString>,
+    pub enabled: Option<String>,
+    pub passwordauth: Option<u8>,
+    pub keysig: Option<MaybeString>,
+    pub permitrootlogin: Option<u8>,
     pub rekeylimit: Option<MaybeString>,
 }
 
@@ -306,11 +306,11 @@ pub struct WebGui {
     pub protocol: String,
     #[yaserde(rename = "ssl-certref")]
     pub ssl_certref: String,
-    pub port: MaybeString,
+    pub port: Option<MaybeString>,
     #[yaserde(rename = "ssl-ciphers")]
-    pub ssl_ciphers: MaybeString,
-    pub interfaces: MaybeString,
-    pub compression: MaybeString,
+    pub ssl_ciphers: Option<MaybeString>,
+    pub interfaces: Option<MaybeString>,
+    pub compression: Option<MaybeString>,
     pub nohttpreferercheck: Option<u8>,
 }
 
@@ -433,7 +433,7 @@ pub struct OPNsenseXmlSection {
     #[yaserde(rename = "Interfaces")]
     pub interfaces: Option<ConfigInterfaces>,
     #[yaserde(rename = "NodeExporter")]
-    pub node_exporter: Option<RawXml>,
+    pub node_exporter: Option<NodeExporter>,
     #[yaserde(rename = "Kea")]
     pub kea: Option<RawXml>,
     pub monit: Option<Monit>,
@@ -1595,3 +1595,21 @@ pub struct Ifgroups {
     #[yaserde(attribute = true)]
     pub version: String,
 }
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct NodeExporter {
+    pub enabled: u8,
+    pub listenaddress: Option<MaybeString>,
+    pub listenport: u16,
+    pub cpu: u8,
+    pub exec: u8,
+    pub filesystem: u8,
+    pub loadavg: u8,
+    pub meminfo: u8,
+    pub netdev: u8,
+    pub time: u8,
+    pub devstat: u8,
+    pub interrupts: u8,
+    pub ntp: u8,
+    pub zfs: u8,
+}

opnsense-config/src/config/config.rs

@@ -5,7 +5,8 @@ use crate::{
     error::Error,
     modules::{
         caddy::CaddyConfig, dhcp_legacy::DhcpConfigLegacyISC, dns::UnboundDnsConfig,
-        dnsmasq::DhcpConfigDnsMasq, load_balancer::LoadBalancerConfig, tftp::TftpConfig,
+        dnsmasq::DhcpConfigDnsMasq, load_balancer::LoadBalancerConfig,
+        node_exporter::NodeExporterConfig, tftp::TftpConfig,
     },
 };
 use log::{debug, info, trace, warn};
@@ -13,6 +14,7 @@ use opnsense_config_xml::OPNsense;
 use russh::client;
 use serde::Serialize;
 use sha2::Digest;
+use tokio::time::{sleep, Duration};
 
 use super::{ConfigManager, OPNsenseShell};
 
@@ -71,6 +73,10 @@ impl Config {
         LoadBalancerConfig::new(&mut self.opnsense, self.shell.clone())
     }
 
+    pub fn node_exporter(&mut self) -> NodeExporterConfig<'_> {
+        NodeExporterConfig::new(&mut self.opnsense, self.shell.clone())
+    }
+
     pub async fn upload_files(&self, source: &str, destination: &str) -> Result<String, Error> {
         self.shell.upload_folder(source, destination).await
     }
@@ -150,7 +156,8 @@ impl Config {
 
     async fn reload_config(&mut self) -> Result<(), Error> {
         info!("Reloading opnsense live config");
-        let (opnsense, sha2) = Self::get_opnsense_instance(self.repository.clone()).await?;
+        let (opnsense, _sha2) = Self::get_opnsense_instance(self.repository.clone()).await?;
+        self.opnsense = opnsense;
         Ok(())
     }
 

opnsense-config/src/modules/mod.rs

@@ -4,4 +4,5 @@ pub mod dhcp_legacy;
 pub mod dns;
 pub mod dnsmasq;
 pub mod load_balancer;
+pub mod node_exporter;
 pub mod tftp;

opnsense-config/src/modules/node_exporter.rs

@@ -0,0 +1,54 @@
+use std::sync::Arc;
+
+use opnsense_config_xml::{NodeExporter, OPNsense};
+
+use crate::{config::OPNsenseShell, Error};
+
+pub struct NodeExporterConfig<'a> {
+    opnsense: &'a mut OPNsense,
+    opnsense_shell: Arc<dyn OPNsenseShell>,
+}
+
+impl<'a> NodeExporterConfig<'a> {
+    pub fn new(opnsense: &'a mut OPNsense, opnsense_shell: Arc<dyn OPNsenseShell>) -> Self {
+        Self {
+            opnsense,
+            opnsense_shell,
+        }
+    }
+
+    pub fn get_full_config(&self) -> &Option<NodeExporter> {
+        &self.opnsense.opnsense.node_exporter
+    }
+
+    fn with_node_exporter<F, R>(&mut self, f: F) -> Result<R, &'static str>
+    where
+        F: FnOnce(&mut NodeExporter) -> R,
+    {
+        match &mut self.opnsense.opnsense.node_exporter.as_mut() {
+            Some(node_exporter) => Ok(f(node_exporter)),
+            None => Err("node exporter is not yet installed"),
+        }
+    }
+
+    pub fn enable(&mut self, enabled: bool) -> Result<(), &'static str> {
+        self.with_node_exporter(|node_exporter| node_exporter.enabled = enabled as u8)
+            .map(|_| ())
+    }
+
+    pub async fn reload_restart(&self) -> Result<(), Error> {
+        self.opnsense_shell
+            .exec("configctl node_exporter stop")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl template reload OPNsense/NodeExporter")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl node_exporter configtest")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl node_exporter start")
+            .await?;
+        Ok(())
+    }
+}