fix: added impl node exporter for hacluster topology and dummy infra

some formatting error

Cargo.lock

@@ -1780,7 +1780,6 @@ dependencies = [
 name = "example-nanodc"
 version = "0.1.0"
 dependencies = [
- "brocade",
  "cidr",
  "env_logger",
  "harmony",
@@ -1789,7 +1788,6 @@ dependencies = [
  "harmony_tui",
  "harmony_types",
  "log",
- "serde",
  "tokio",
  "url",
 ]
@@ -1808,7 +1806,6 @@ dependencies = [
 name = "example-okd-install"
 version = "0.1.0"
 dependencies = [
- "brocade",
  "cidr",
  "env_logger",
  "harmony",
@@ -1839,16 +1836,13 @@ dependencies = [
 name = "example-opnsense"
 version = "0.1.0"
 dependencies = [
- "brocade",
  "cidr",
  "env_logger",
  "harmony",
  "harmony_macros",
- "harmony_secret",
  "harmony_tui",
  "harmony_types",
  "log",
- "serde",
  "tokio",
  "url",
 ]
@@ -1857,7 +1851,6 @@ dependencies = [
 name = "example-pxe"
 version = "0.1.0"
 dependencies = [
- "brocade",
  "cidr",
  "env_logger",
  "harmony",
@@ -1872,15 +1865,6 @@ dependencies = [
  "url",
 ]
 
-[[package]]
-name = "example-remove-rook-osd"
-version = "0.1.0"
-dependencies = [
- "harmony",
- "harmony_cli",
- "tokio",
-]
-
 [[package]]
 name = "example-rust"
 version = "0.1.0"
@@ -1934,6 +1918,8 @@ dependencies = [
  "env_logger",
  "harmony",
  "harmony_macros",
+ "harmony_secret",
+ "harmony_secret_derive",
  "harmony_tui",
  "harmony_types",
  "log",
@@ -4627,6 +4613,15 @@ version = "0.8.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "caf4aa5b0f434c91fe5c7f1ecb6a5ece2130b02ad2a590589dda5146df959001"
 
+[[package]]
+name = "remove_rook_osd"
+version = "0.1.0"
+dependencies = [
+ "harmony",
+ "harmony_cli",
+ "tokio",
+]
+
 [[package]]
 name = "reqwest"
 version = "0.11.27"

brocade/src/fast_iron.rs

@@ -10,7 +10,6 @@ use log::{debug, info};
 use regex::Regex;
 use std::{collections::HashSet, str::FromStr};
 
-#[derive(Debug)]
 pub struct FastIronClient {
     shell: BrocadeShell,
     version: BrocadeInfo,

brocade/src/lib.rs

@@ -162,7 +162,7 @@ pub async fn init(
 }
 
 #[async_trait]
-pub trait BrocadeClient: std::fmt::Debug {
+pub trait BrocadeClient {
     /// Retrieves the operating system and version details from the connected Brocade switch.
     ///
     /// This is typically the first call made after establishing a connection to determine

brocade/src/network_operating_system.rs

@@ -10,7 +10,6 @@ use crate::{
     parse_brocade_mac_address, shell::BrocadeShell,
 };
 
-#[derive(Debug)]
 pub struct NetworkOperatingSystemClient {
     shell: BrocadeShell,
     version: BrocadeInfo,

brocade/src/shell.rs

@@ -13,7 +13,6 @@ use log::info;
 use russh::ChannelMsg;
 use tokio::time::timeout;
 
-#[derive(Debug)]
 pub struct BrocadeShell {
     ip: IpAddr,
     port: u16,

examples/nanodc/Cargo.toml

@@ -17,5 +17,3 @@ harmony_secret = { path = "../../harmony_secret" }
 log = { workspace = true }
 env_logger = { workspace = true }
 url = { workspace = true }
-serde = { workspace = true }
-brocade = { path = "../../brocade" }

examples/nanodc/src/main.rs

@@ -3,13 +3,12 @@ use std::{
     sync::Arc,
 };
 
-use brocade::BrocadeOptions;
 use cidr::Ipv4Cidr;
 use harmony::{
     config::secret::SshKeyPair,
     data::{FileContent, FilePath},
     hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    infra::opnsense::OPNSenseManagementInterface,
     inventory::Inventory,
     modules::{
         http::StaticFilesHttpScore,
@@ -23,9 +22,8 @@ use harmony::{
     topology::{LogicalHost, UnmanagedRouter},
 };
 use harmony_macros::{ip, mac_address};
-use harmony_secret::{Secret, SecretManager};
+use harmony_secret::SecretManager;
 use harmony_types::net::Url;
-use serde::{Deserialize, Serialize};
 
 #[tokio::main]
 async fn main() {
@@ -34,26 +32,6 @@ async fn main() {
         name: String::from("fw0"),
     };
 
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.33.101")];
-    let brocade_options = Some(BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    });
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
-    let switch_client = Arc::new(switch_client);
-
     let opnsense = Arc::new(
         harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
     );
@@ -61,8 +39,7 @@ async fn main() {
     let gateway_ipv4 = Ipv4Addr::new(192, 168, 33, 1);
     let gateway_ip = IpAddr::V4(gateway_ipv4);
     let topology = harmony::topology::HAClusterTopology {
-        domain_name: "ncd0.harmony.mcd".to_string(), // TODO this must be set manually correctly
+        domain_name: "ncd0.harmony.mcd".to_string(),
-        // when setting up the opnsense firewall
         router: Arc::new(UnmanagedRouter::new(
             gateway_ip,
             Ipv4Cidr::new(lan_subnet, 24).unwrap(),
@@ -105,7 +82,8 @@ async fn main() {
                 name: "wk2".to_string(),
             },
         ],
-        switch_client: switch_client.clone(),
+        switch: vec![],
+        node_exporter: opnsense.clone(),
     };
 
     let inventory = Inventory {
@@ -188,9 +166,3 @@ async fn main() {
     .await
     .unwrap();
 }
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

examples/okd_installation/Cargo.toml

@@ -19,4 +19,3 @@ log = { workspace = true }
 env_logger = { workspace = true }
 url = { workspace = true }
 serde.workspace = true
-brocade = { path = "../../brocade" }

examples/okd_installation/src/topology.rs

@@ -1,8 +1,7 @@
-use brocade::BrocadeOptions;
 use cidr::Ipv4Cidr;
 use harmony::{
     hardware::{Location, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    infra::opnsense::OPNSenseManagementInterface,
     inventory::Inventory,
     topology::{HAClusterTopology, LogicalHost, UnmanagedRouter},
 };
@@ -23,26 +22,6 @@ pub async fn get_topology() -> HAClusterTopology {
         name: String::from("opnsense-1"),
     };
 
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.1.101")]; // TODO: Adjust me
-    let brocade_options = Some(BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    });
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
-    let switch_client = Arc::new(switch_client);
-
     let config = SecretManager::get_or_prompt::<OPNSenseFirewallConfig>().await;
     let config = config.unwrap();
 
@@ -79,7 +58,8 @@ pub async fn get_topology() -> HAClusterTopology {
             name: "bootstrap".to_string(),
         },
         workers: vec![],
-        switch_client: switch_client.clone(),
+        switch: vec![],
+        node_exporter: opnsense.clone(),
     }
 }
 
@@ -96,9 +76,3 @@ pub fn get_inventory() -> Inventory {
         control_plane_host: vec![],
     }
 }
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

examples/okd_pxe/Cargo.toml

@@ -19,4 +19,3 @@ log = { workspace = true }
 env_logger = { workspace = true }
 url = { workspace = true }
 serde.workspace = true
-brocade = { path = "../../brocade" }

examples/okd_pxe/src/topology.rs

@@ -1,15 +1,13 @@
-use brocade::BrocadeOptions;
 use cidr::Ipv4Cidr;
 use harmony::{
     config::secret::OPNSenseFirewallCredentials,
     hardware::{Location, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    infra::opnsense::OPNSenseManagementInterface,
     inventory::Inventory,
     topology::{HAClusterTopology, LogicalHost, UnmanagedRouter},
 };
 use harmony_macros::{ip, ipv4};
-use harmony_secret::{Secret, SecretManager};
+use harmony_secret::SecretManager;
-use serde::{Deserialize, Serialize};
 use std::{net::IpAddr, sync::Arc};
 
 pub async fn get_topology() -> HAClusterTopology {
@@ -18,26 +16,6 @@ pub async fn get_topology() -> HAClusterTopology {
         name: String::from("opnsense-1"),
     };
 
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.1.101")]; // TODO: Adjust me
-    let brocade_options = Some(BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    });
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
-    let switch_client = Arc::new(switch_client);
-
     let config = SecretManager::get_or_prompt::<OPNSenseFirewallCredentials>().await;
     let config = config.unwrap();
 
@@ -74,7 +52,8 @@ pub async fn get_topology() -> HAClusterTopology {
             name: "cp0".to_string(),
         },
         workers: vec![],
-        switch_client: switch_client.clone(),
+        switch: vec![],
+        node_exporter: opnsense.clone(),
     }
 }
 
@@ -91,9 +70,3 @@ pub fn get_inventory() -> Inventory {
         control_plane_host: vec![],
     }
 }
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

examples/opnsense/Cargo.toml

@@ -16,6 +16,3 @@ harmony_macros = { path = "../../harmony_macros" }
 log = { workspace = true }
 env_logger = { workspace = true }
 url = { workspace = true }
-harmony_secret = { path = "../../harmony_secret" }
-brocade = { path = "../../brocade" }
-serde = { workspace = true }

examples/opnsense/src/main.rs

@@ -3,11 +3,10 @@ use std::{
     sync::Arc,
 };
 
-use brocade::BrocadeOptions;
 use cidr::Ipv4Cidr;
 use harmony::{
     hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    infra::opnsense::OPNSenseManagementInterface,
     inventory::Inventory,
     modules::{
         dummy::{ErrorScore, PanicScore, SuccessScore},
@@ -19,9 +18,7 @@ use harmony::{
     topology::{LogicalHost, UnmanagedRouter},
 };
 use harmony_macros::{ip, mac_address};
-use harmony_secret::{Secret, SecretManager};
 use harmony_types::net::Url;
-use serde::{Deserialize, Serialize};
 
 #[tokio::main]
 async fn main() {
@@ -30,26 +27,6 @@ async fn main() {
         name: String::from("opnsense-1"),
     };
 
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.5.101")]; // TODO: Adjust me
-    let brocade_options = Some(BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    });
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
-    let switch_client = Arc::new(switch_client);
-
     let opnsense = Arc::new(
         harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
     );
@@ -77,7 +54,8 @@ async fn main() {
             name: "cp0".to_string(),
         },
         workers: vec![],
-        switch_client: switch_client.clone(),
+        switch: vec![],
+        node_exporter: opnsense.clone(),
     };
 
     let inventory = Inventory {
@@ -132,9 +110,3 @@ async fn main() {
     .await
     .unwrap();
 }
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

examples/opnsense_node_exporter/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "example-opnsense-node-exporter"
+edition = "2024"
+version.workspace = true
+readme.workspace = true
+license.workspace = true
+
+[dependencies]
+harmony = { path = "../../harmony" }
+harmony_cli = { path = "../../harmony_cli" }
+harmony_types = { path = "../../harmony_types" }
+harmony_secret = { path = "../../harmony_secret" }
+harmony_secret_derive = { path = "../../harmony_secret_derive" }
+cidr = { workspace = true }
+tokio = { workspace = true }
+harmony_macros = { path = "../../harmony_macros" }
+log = { workspace = true }
+env_logger = { workspace = true }
+url = { workspace = true }
+serde.workspace = true

examples/opnsense_node_exporter/src/main.rs

@@ -0,0 +1,110 @@
+use std::{
+    net::{IpAddr, Ipv4Addr},
+    sync::Arc,
+};
+
+use cidr::Ipv4Cidr;
+use harmony::{
+    hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
+    infra::opnsense::OPNSenseManagementInterface,
+    inventory::Inventory,
+    modules::opnsense::node_exporter::NodeExporterScore,
+    topology::{HAClusterTopology, LogicalHost, UnmanagedRouter},
+};
+use harmony_macros::{ip, ipv4, mac_address};
+
+#[tokio::main]
+async fn main() {
+    let firewall = harmony::topology::LogicalHost {
+        ip: ip!("192.168.33.1"),
+        name: String::from("fw0"),
+    };
+
+    let opnsense = Arc::new(
+        harmony::infra::opnsense::OPNSenseFirewall::new(firewall, None, "root", "opnsense").await,
+    );
+    let lan_subnet = Ipv4Addr::new(192, 168, 33, 0);
+    let gateway_ipv4 = Ipv4Addr::new(192, 168, 33, 1);
+    let gateway_ip = IpAddr::V4(gateway_ipv4);
+    let topology = harmony::topology::HAClusterTopology {
+        domain_name: "ncd0.harmony.mcd".to_string(),
+        router: Arc::new(UnmanagedRouter::new(
+            gateway_ip,
+            Ipv4Cidr::new(lan_subnet, 24).unwrap(),
+        )),
+        load_balancer: opnsense.clone(),
+        firewall: opnsense.clone(),
+        tftp_server: opnsense.clone(),
+        http_server: opnsense.clone(),
+        dhcp_server: opnsense.clone(),
+        dns_server: opnsense.clone(),
+        control_plane: vec![
+            LogicalHost {
+                ip: ip!("192.168.33.20"),
+                name: "cp0".to_string(),
+            },
+            LogicalHost {
+                ip: ip!("192.168.33.21"),
+                name: "cp1".to_string(),
+            },
+            LogicalHost {
+                ip: ip!("192.168.33.22"),
+                name: "cp2".to_string(),
+            },
+        ],
+        bootstrap_host: LogicalHost {
+            ip: ip!("192.168.33.66"),
+            name: "bootstrap".to_string(),
+        },
+        workers: vec![
+            LogicalHost {
+                ip: ip!("192.168.33.30"),
+                name: "wk0".to_string(),
+            },
+            LogicalHost {
+                ip: ip!("192.168.33.31"),
+                name: "wk1".to_string(),
+            },
+            LogicalHost {
+                ip: ip!("192.168.33.32"),
+                name: "wk2".to_string(),
+            },
+        ],
+        switch: vec![],
+        node_exporter: opnsense.clone(),
+    };
+
+    let inventory = Inventory {
+        location: Location::new("I am mobile".to_string(), "earth".to_string()),
+        switch: SwitchGroup::from([]),
+        firewall_mgmt: Box::new(OPNSenseManagementInterface::new()),
+        storage_host: vec![],
+        worker_host: vec![
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:02:61:0F")),
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:02:61:26")),
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:02:61:70")),
+        ],
+        control_plane_host: vec![
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:02:60:FA")),
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:02:61:1A")),
+            PhysicalHost::empty(HostCategory::Server)
+                .mac_address(mac_address!("C4:62:37:01:BC:68")),
+        ],
+    };
+
+    let node_exporter_score = NodeExporterScore {};
+
+    harmony_cli::run(
+        inventory,
+        topology,
+        vec![Box::new(node_exporter_score)],
+        None,
+    )
+    .await
+    .unwrap();
+}

harmony/src/domain/topology/ha_cluster.rs

@@ -1,5 +1,7 @@
 use async_trait::async_trait;
+use brocade::BrocadeOptions;
 use harmony_macros::ip;
+use harmony_secret::SecretManager;
 use harmony_types::{
     net::{MacAddress, Url},
     switch::PortLocation,
@@ -9,14 +11,16 @@ use kube::api::ObjectMeta;
 use log::debug;
 use log::info;
 
-use crate::data::FileContent;
 use crate::executors::ExecutorError;
 use crate::hardware::PhysicalHost;
+use crate::infra::brocade::BrocadeSwitchAuth;
+use crate::infra::brocade::BrocadeSwitchClient;
 use crate::modules::okd::crd::{
     InstallPlanApproval, OperatorGroup, OperatorGroupSpec, Subscription, SubscriptionSpec,
     nmstate::{self, NMState, NodeNetworkConfigurationPolicy, NodeNetworkConfigurationPolicySpec},
 };
 use crate::topology::PxeOptions;
+use crate::{data::FileContent, topology::node_exporter::NodeExporter};
 
 use super::{
     DHCPStaticEntry, DhcpServer, DnsRecord, DnsRecordType, DnsServer, Firewall, HostNetworkConfig,
@@ -26,6 +30,7 @@ use super::{
 };
 
 use std::collections::BTreeMap;
+use std::net::IpAddr;
 use std::sync::Arc;
 
 #[derive(Debug, Clone)]
@@ -38,10 +43,11 @@ pub struct HAClusterTopology {
     pub tftp_server: Arc<dyn TftpServer>,
     pub http_server: Arc<dyn HttpServer>,
     pub dns_server: Arc<dyn DnsServer>,
-    pub switch_client: Arc<dyn SwitchClient>,
+    pub node_exporter: Arc<dyn NodeExporter>,
     pub bootstrap_host: LogicalHost,
     pub control_plane: Vec<LogicalHost>,
     pub workers: Vec<LogicalHost>,
+    pub switch: Vec<LogicalHost>,
 }
 
 #[async_trait]
@@ -275,15 +281,36 @@ impl HAClusterTopology {
         }
     }
 
+    async fn get_switch_client(&self) -> Result<Box<dyn SwitchClient>, SwitchError> {
+        let auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
+            .await
+            .map_err(|e| SwitchError::new(format!("Failed to get credentials: {e}")))?;
+
+        // FIXME: We assume Brocade switches
+        let switches: Vec<IpAddr> = self.switch.iter().map(|s| s.ip).collect();
+        let brocade_options = Some(BrocadeOptions {
+            dry_run: *crate::config::DRY_RUN,
+            ..Default::default()
+        });
+        let client =
+            BrocadeSwitchClient::init(&switches, &auth.username, &auth.password, brocade_options)
+                .await
+                .map_err(|e| SwitchError::new(format!("Failed to connect to switch: {e}")))?;
+
+        Ok(Box::new(client))
+    }
+
     async fn configure_port_channel(
         &self,
         host: &PhysicalHost,
         config: &HostNetworkConfig,
     ) -> Result<(), SwitchError> {
         debug!("Configuring port channel: {config:#?}");
+        let client = self.get_switch_client().await?;
+
         let switch_ports = config.switch_ports.iter().map(|s| s.port.clone()).collect();
 
-        self.switch_client
+        client
             .configure_port_channel(&format!("Harmony_{}", host.id), switch_ports)
             .await
             .map_err(|e| SwitchError::new(format!("Failed to configure switch: {e}")))?;
@@ -307,10 +334,11 @@ impl HAClusterTopology {
             tftp_server: dummy_infra.clone(),
             http_server: dummy_infra.clone(),
             dns_server: dummy_infra.clone(),
-            switch_client: dummy_infra.clone(),
+            node_exporter: dummy_infra.clone(),
             bootstrap_host: dummy_host,
             control_plane: vec![],
             workers: vec![],
+            switch: vec![],
         }
     }
 }
@@ -468,7 +496,8 @@ impl HttpServer for HAClusterTopology {
 #[async_trait]
 impl Switch for HAClusterTopology {
     async fn setup_switch(&self) -> Result<(), SwitchError> {
-        self.switch_client.setup().await?;
+        let client = self.get_switch_client().await?;
+        client.setup().await?;
         Ok(())
     }
 
@@ -476,7 +505,8 @@ impl Switch for HAClusterTopology {
         &self,
         mac_address: &MacAddress,
     ) -> Result<Option<PortLocation>, SwitchError> {
-        let port = self.switch_client.find_port(mac_address).await?;
+        let client = self.get_switch_client().await?;
+        let port = client.find_port(mac_address).await?;
         Ok(port)
     }
 
@@ -488,6 +518,23 @@ impl Switch for HAClusterTopology {
         self.configure_bond(host, &config).await?;
         self.configure_port_channel(host, &config).await
     }
+
+    //TODO add snmp here
+}
+
+#[async_trait]
+impl NodeExporter for HAClusterTopology {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.ensure_initialized().await
+    }
+
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.commit_config().await
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        self.node_exporter.reload_restart().await
+    }
 }
 
 #[derive(Debug)]
@@ -678,23 +725,16 @@ impl DnsServer for DummyInfra {
 }
 
 #[async_trait]
-impl SwitchClient for DummyInfra {
+impl NodeExporter for DummyInfra {
-    async fn setup(&self) -> Result<(), SwitchError> {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
         unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
     }
 
-    async fn find_port(
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
-        &self,
-        _mac_address: &MacAddress,
-    ) -> Result<Option<PortLocation>, SwitchError> {
         unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
     }
 
-    async fn configure_port_channel(
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
-        &self,
-        _channel_name: &str,
-        _switch_ports: Vec<PortLocation>,
-    ) -> Result<u8, SwitchError> {
         unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
     }
 }

harmony/src/domain/topology/mod.rs

@@ -1,5 +1,6 @@
 mod ha_cluster;
 pub mod ingress;
+pub mod node_exporter;
 use harmony_types::net::IpAddress;
 mod host_binding;
 mod http;

harmony/src/domain/topology/network.rs

@@ -1,10 +1,4 @@
-use std::{
+use std::{error::Error, net::Ipv4Addr, str::FromStr, sync::Arc};
-    error::Error,
-    fmt::{self, Debug},
-    net::Ipv4Addr,
-    str::FromStr,
-    sync::Arc,
-};
 
 use async_trait::async_trait;
 use derive_new::new;
@@ -25,8 +19,8 @@ pub struct DHCPStaticEntry {
     pub ip: Ipv4Addr,
 }
 
-impl fmt::Display for DHCPStaticEntry {
+impl std::fmt::Display for DHCPStaticEntry {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         let mac = self
             .mac
             .iter()
@@ -48,8 +42,8 @@ pub trait Firewall: Send + Sync {
     fn get_host(&self) -> LogicalHost;
 }
 
-impl Debug for dyn Firewall {
+impl std::fmt::Debug for dyn Firewall {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         f.write_fmt(format_args!("Firewall {}", self.get_ip()))
     }
 }
@@ -71,7 +65,7 @@ pub struct PxeOptions {
 }
 
 #[async_trait]
-pub trait DhcpServer: Send + Sync + Debug {
+pub trait DhcpServer: Send + Sync + std::fmt::Debug {
     async fn add_static_mapping(&self, entry: &DHCPStaticEntry) -> Result<(), ExecutorError>;
     async fn remove_static_mapping(&self, mac: &MacAddress) -> Result<(), ExecutorError>;
     async fn list_static_mappings(&self) -> Vec<(MacAddress, IpAddress)>;
@@ -110,8 +104,8 @@ pub trait DnsServer: Send + Sync {
     }
 }
 
-impl Debug for dyn DnsServer {
+impl std::fmt::Debug for dyn DnsServer {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         f.write_fmt(format_args!("DnsServer {}", self.get_ip()))
     }
 }
@@ -147,8 +141,8 @@ pub enum DnsRecordType {
     TXT,
 }
 
-impl fmt::Display for DnsRecordType {
+impl std::fmt::Display for DnsRecordType {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
             DnsRecordType::A => write!(f, "A"),
             DnsRecordType::AAAA => write!(f, "AAAA"),
@@ -222,8 +216,8 @@ pub struct SwitchError {
     msg: String,
 }
 
-impl fmt::Display for SwitchError {
+impl std::fmt::Display for SwitchError {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         f.write_str(&self.msg)
     }
 }
@@ -231,7 +225,7 @@ impl fmt::Display for SwitchError {
 impl Error for SwitchError {}
 
 #[async_trait]
-pub trait SwitchClient: Debug + Send + Sync {
+pub trait SwitchClient: Send + Sync {
     /// Executes essential, idempotent, one-time initial configuration steps.
     ///
     /// This is an opiniated procedure that setups a switch to provide high availability

harmony/src/domain/topology/node_exporter.rs

@@ -0,0 +1,17 @@
+use async_trait::async_trait;
+
+use crate::executors::ExecutorError;
+
+#[async_trait]
+pub trait NodeExporter: Send + Sync {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError>;
+    async fn commit_config(&self) -> Result<(), ExecutorError>;
+    async fn reload_restart(&self) -> Result<(), ExecutorError>;
+}
+
+//TODO complete this impl
+impl std::fmt::Debug for dyn NodeExporter {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_fmt(format_args!("NodeExporter ",))
+    }
+}

harmony/src/domain/topology/oberservability/monitoring.rs

@@ -21,7 +21,6 @@ pub struct AlertingInterpret<S: AlertSender> {
     pub sender: S,
     pub receivers: Vec<Box<dyn AlertReceiver<S>>>,
     pub rules: Vec<Box<dyn AlertRule<S>>>,
-    pub scrape_targets: Option<Vec<Box<dyn ScrapeTarget<S>>>>,
 }
 
 #[async_trait]
@@ -39,12 +38,6 @@ impl<S: AlertSender + Installable<T>, T: Topology> Interpret<T> for AlertingInte
             debug!("installing rule: {:#?}", rule);
             rule.install(&self.sender).await?;
         }
-        if let Some(targets) = &self.scrape_targets {
-            for target in targets.iter() {
-                debug!("installing scrape_target: {:#?}", target);
-                target.install(&self.sender).await?;
-            }
-        }
         self.sender.ensure_installed(inventory, topology).await?;
         Ok(Outcome::success(format!(
             "successfully installed alert sender {}",
@@ -84,6 +77,6 @@ pub trait AlertRule<S: AlertSender>: std::fmt::Debug + Send + Sync {
 }
 
 #[async_trait]
-pub trait ScrapeTarget<S: AlertSender>: std::fmt::Debug + Send + Sync {
+pub trait ScrapeTarget<S: AlertSender> {
-    async fn install(&self, sender: &S) -> Result<Outcome, InterpretError>;
+    async fn install(&self, sender: &S) -> Result<(), InterpretError>;
 }

harmony/src/infra/brocade.rs

@@ -1,14 +1,15 @@
 use async_trait::async_trait;
 use brocade::{BrocadeClient, BrocadeOptions, InterSwitchLink, InterfaceStatus, PortOperatingMode};
+use harmony_secret::Secret;
 use harmony_types::{
     net::{IpAddress, MacAddress},
     switch::{PortDeclaration, PortLocation},
 };
 use option_ext::OptionExt;
+use serde::{Deserialize, Serialize};
 
 use crate::topology::{SwitchClient, SwitchError};
 
-#[derive(Debug)]
 pub struct BrocadeSwitchClient {
     brocade: Box<dyn BrocadeClient + Send + Sync>,
 }
@@ -113,6 +114,12 @@ impl SwitchClient for BrocadeSwitchClient {
     }
 }
 
+#[derive(Secret, Serialize, Deserialize, Debug)]
+pub struct BrocadeSwitchAuth {
+    pub username: String,
+    pub password: String,
+}
+
 #[cfg(test)]
 mod tests {
     use std::sync::{Arc, Mutex};
@@ -228,7 +235,7 @@ mod tests {
         assert_that!(*configured_interfaces).is_empty();
     }
 
-    #[derive(Debug, Clone)]
+    #[derive(Clone)]
     struct FakeBrocadeClient {
         stack_topology: Vec<InterSwitchLink>,
         interfaces: Vec<InterfaceInfo>,

harmony/src/infra/opnsense/mod.rs

@@ -4,6 +4,7 @@ mod firewall;
 mod http;
 mod load_balancer;
 mod management;
+pub mod node_exporter;
 mod tftp;
 use std::sync::Arc;
 

harmony/src/infra/opnsense/node_exporter.rs

@@ -0,0 +1,44 @@
+use async_trait::async_trait;
+use log::debug;
+
+use crate::{
+    executors::ExecutorError, infra::opnsense::OPNSenseFirewall,
+    topology::node_exporter::NodeExporter,
+};
+
+#[async_trait]
+impl NodeExporter for OPNSenseFirewall {
+    async fn ensure_initialized(&self) -> Result<(), ExecutorError> {
+        let mut config = self.opnsense_config.write().await;
+        let node_exporter = config.node_exporter();
+        if let Some(config) = node_exporter.get_full_config() {
+            debug!(
+                "Node exporter available in opnsense config, assuming it is already installed. {config:?}"
+            );
+        } else {
+            config
+                .install_package("os-node_exporter")
+                .await
+                .map_err(|e| {
+                        ExecutorError::UnexpectedError(format!("Executor failed when trying to install os-node_exporter package with error {e:?}"
+                                ))
+                    })?;
+        }
+
+        config.node_exporter().enable(true);
+        Ok(())
+    }
+    async fn commit_config(&self) -> Result<(), ExecutorError> {
+        OPNSenseFirewall::commit_config(self).await
+    }
+
+    async fn reload_restart(&self) -> Result<(), ExecutorError> {
+        self.opnsense_config
+            .write()
+            .await
+            .node_exporter()
+            .reload_restart()
+            .await
+            .map_err(|e| ExecutorError::UnexpectedError(e.to_string()))
+    }
+}

harmony/src/modules/monitoring/kube_prometheus/crd/crd_scrape_config.rs

@@ -1,187 +0,0 @@
-use std::net::IpAddr;
-
-use async_trait::async_trait;
-use kube::CustomResource;
-use schemars::JsonSchema;
-use serde::{Deserialize, Serialize};
-
-use crate::{
-    modules::monitoring::kube_prometheus::crd::{
-        crd_alertmanager_config::CRDPrometheus, crd_prometheuses::LabelSelector,
-    },
-    topology::oberservability::monitoring::ScrapeTarget,
-};
-
-#[derive(CustomResource, Serialize, Deserialize, Debug, Clone, JsonSchema)]
-#[kube(
-    group = "monitoring.coreos.com",
-    version = "v1alpha1",
-    kind = "ScrapeConfig",
-    plural = "scrapeconfigs",
-    namespaced
-)]
-#[serde(rename_all = "camelCase")]
-pub struct ScrapeConfigSpec {
-    /// List of static configurations.
-    pub static_configs: Option<Vec<StaticConfig>>,
-
-    /// Kubernetes service discovery.
-    pub kubernetes_sd_configs: Option<Vec<KubernetesSDConfig>>,
-
-    /// HTTP-based service discovery.
-    pub http_sd_configs: Option<Vec<HttpSDConfig>>,
-
-    /// File-based service discovery.
-    pub file_sd_configs: Option<Vec<FileSDConfig>>,
-
-    /// DNS-based service discovery.
-    pub dns_sd_configs: Option<Vec<DnsSDConfig>>,
-
-    /// Consul service discovery.
-    pub consul_sd_configs: Option<Vec<ConsulSDConfig>>,
-
-    /// Relabeling configuration applied to discovered targets.
-    pub relabel_configs: Option<Vec<RelabelConfig>>,
-
-    /// Metric relabeling configuration applied to scraped samples.
-    pub metric_relabel_configs: Option<Vec<RelabelConfig>>,
-
-    /// Path to scrape metrics from (defaults to `/metrics`).
-    pub metrics_path: Option<String>,
-
-    /// Interval at which Prometheus scrapes targets (e.g., "30s").
-    pub scrape_interval: Option<String>,
-
-    /// Timeout for scraping (e.g., "10s").
-    pub scrape_timeout: Option<String>,
-
-    /// Optional job name override.
-    pub job_name: Option<String>,
-
-    /// Optional scheme (http or https).
-    pub scheme: Option<String>,
-
-    /// Authorization paramaters for snmp walk
-    pub params: Option<Params>,
-}
-
-/// Static configuration section of a ScrapeConfig.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct StaticConfig {
-    pub targets: Vec<String>,
-
-    pub labels: Option<LabelSelector>,
-}
-
-/// Relabeling configuration for target or metric relabeling.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct RelabelConfig {
-    pub source_labels: Option<Vec<String>>,
-    pub separator: Option<String>,
-    pub target_label: Option<String>,
-    pub regex: Option<String>,
-    pub modulus: Option<u64>,
-    pub replacement: Option<String>,
-    pub action: Option<String>,
-}
-
-/// Kubernetes service discovery configuration.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct KubernetesSDConfig {
-    ///"pod", "service", "endpoints"pub role: String,
-    pub namespaces: Option<NamespaceSelector>,
-    pub selectors: Option<Vec<LabelSelector>>,
-    pub api_server: Option<String>,
-    pub bearer_token_file: Option<String>,
-    pub tls_config: Option<TLSConfig>,
-}
-
-/// Namespace selector for Kubernetes service discovery.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct NamespaceSelector {
-    pub any: Option<bool>,
-    pub match_names: Option<Vec<String>>,
-}
-
-/// HTTP-based service discovery configuration.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct HttpSDConfig {
-    pub url: String,
-    pub refresh_interval: Option<String>,
-    pub basic_auth: Option<BasicAuth>,
-    pub authorization: Option<Authorization>,
-    pub tls_config: Option<TLSConfig>,
-}
-
-/// File-based service discovery configuration.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct FileSDConfig {
-    pub files: Vec<String>,
-    pub refresh_interval: Option<String>,
-}
-
-/// DNS-based service discovery configuration.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct DnsSDConfig {
-    pub names: Vec<String>,
-    pub refresh_interval: Option<String>,
-    pub type_: Option<String>, // SRV, A, AAAA
-    pub port: Option<u16>,
-}
-
-/// Consul service discovery configuration.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct ConsulSDConfig {
-    pub server: String,
-    pub services: Option<Vec<String>>,
-    pub scheme: Option<String>,
-    pub datacenter: Option<String>,
-    pub tag_separator: Option<String>,
-    pub refresh_interval: Option<String>,
-    pub tls_config: Option<TLSConfig>,
-}
-
-/// Basic authentication credentials.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct BasicAuth {
-    pub username: String,
-    pub password: Option<String>,
-    pub password_file: Option<String>,
-}
-
-/// Bearer token or other auth mechanisms.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct Authorization {
-    pub credentials: Option<String>,
-    pub credentials_file: Option<String>,
-    pub type_: Option<String>,
-}
-
-/// TLS configuration for secure scraping.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct TLSConfig {
-    pub ca_file: Option<String>,
-    pub cert_file: Option<String>,
-    pub key_file: Option<String>,
-    pub server_name: Option<String>,
-    pub insecure_skip_verify: Option<bool>,
-}
-
-/// Authorization parameters for SNMP walk.
-#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct Params {
-    pub auth: Option<Vec<String>>,
-    pub module: Option<Vec<String>>,
-}

harmony/src/modules/monitoring/kube_prometheus/crd/mod.rs

@@ -4,7 +4,6 @@ pub mod crd_default_rules;
 pub mod crd_grafana;
 pub mod crd_prometheus_rules;
 pub mod crd_prometheuses;
-pub mod crd_scrape_config;
 pub mod grafana_default_dashboard;
 pub mod grafana_operator;
 pub mod prometheus_operator;

harmony/src/modules/monitoring/kube_prometheus/helm_prometheus_alert_score.rs

@@ -31,7 +31,6 @@ impl<T: Topology + HelmCommand + TenantManager> Score<T> for HelmPrometheusAlert
             sender: KubePrometheus { config },
             receivers: self.receivers.clone(),
             rules: self.rules.clone(),
-            scrape_targets: None,
         })
     }
     fn name(&self) -> String {

harmony/src/modules/monitoring/mod.rs

@@ -6,4 +6,3 @@ pub mod kube_prometheus;
 pub mod ntfy;
 pub mod okd;
 pub mod prometheus;
-pub mod scrape_target;

harmony/src/modules/monitoring/scrape_target/mod.rs

@@ -1 +0,0 @@
-pub mod server;

harmony/src/modules/monitoring/scrape_target/server.rs

@@ -1,76 +0,0 @@
-use std::net::IpAddr;
-
-use async_trait::async_trait;
-use kube::api::ObjectMeta;
-use serde::Serialize;
-
-use crate::{
-    interpret::{InterpretError, Outcome},
-    modules::monitoring::kube_prometheus::crd::{
-        crd_alertmanager_config::CRDPrometheus,
-        crd_scrape_config::{Params, RelabelConfig, ScrapeConfig, ScrapeConfigSpec, StaticConfig},
-    },
-    topology::oberservability::monitoring::ScrapeTarget,
-};
-
-#[derive(Debug, Clone, Serialize)]
-pub struct Server {
-    pub name: String,
-    pub ip: IpAddr,
-    pub auth: String,
-    pub module: String,
-    pub domain: String,
-}
-
-#[async_trait]
-impl ScrapeTarget<CRDPrometheus> for Server {
-    async fn install(&self, sender: &CRDPrometheus) -> Result<Outcome, InterpretError> {
-        let scrape_config_spec = ScrapeConfigSpec {
-            static_configs: Some(vec![StaticConfig {
-                targets: vec![self.ip.to_string()],
-                labels: None,
-            }]),
-            scrape_interval: Some("2m".to_string()),
-            kubernetes_sd_configs: None,
-            http_sd_configs: None,
-            file_sd_configs: None,
-            dns_sd_configs: None,
-            params: Some(Params {
-                auth: Some(vec![self.auth.clone()]),
-                module: Some(vec![self.module.clone()]),
-            }),
-            consul_sd_configs: None,
-            relabel_configs: Some(vec![RelabelConfig {
-                action: None,
-                source_labels: Some(vec!["__address__".to_string()]),
-                separator: None,
-                target_label: Some("__param_target".to_string()),
-                regex: None,
-                replacement: Some(format!("snmp.{}:31080", self.domain.clone())),
-                modulus: None,
-            }]),
-            metric_relabel_configs: None,
-            metrics_path: Some("/snmp".to_string()),
-            scrape_timeout: Some("2m".to_string()),
-            job_name: Some(format!("snmp_exporter/cloud/{}", self.name.clone())),
-            scheme: None,
-        };
-
-        let scrape_config = ScrapeConfig {
-            metadata: ObjectMeta {
-                name: Some(self.name.clone()),
-                namespace: Some(sender.namespace.clone()),
-                ..Default::default()
-            },
-            spec: scrape_config_spec,
-        };
-        sender
-            .client
-            .apply(&scrape_config, Some(&sender.namespace.clone()))
-            .await?;
-        Ok(Outcome::success(format!(
-            "installed scrape target {}",
-            self.name.clone()
-        )))
-    }
-}

harmony/src/modules/opnsense/mod.rs

@@ -1,3 +1,4 @@
+pub mod node_exporter;
 mod shell;
 mod upgrade;
 pub use shell::*;

harmony/src/modules/opnsense/node_exporter.rs

@@ -0,0 +1,70 @@
+use async_trait::async_trait;
+use harmony_types::id::Id;
+use log::info;
+use serde::Serialize;
+
+use crate::{
+    data::Version,
+    interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
+    inventory::Inventory,
+    score::Score,
+    topology::{Topology, node_exporter::NodeExporter},
+};
+
+#[derive(Debug, Clone, Serialize)]
+pub struct NodeExporterScore {}
+
+impl<T: Topology + NodeExporter> Score<T> for NodeExporterScore {
+    fn name(&self) -> String {
+        "NodeExporterScore".to_string()
+    }
+
+    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
+        Box::new(NodeExporterInterpret {})
+    }
+}
+
+#[derive(Debug)]
+pub struct NodeExporterInterpret {}
+
+#[async_trait]
+impl<T: Topology + NodeExporter> Interpret<T> for NodeExporterInterpret {
+    async fn execute(
+        &self,
+        _inventory: &Inventory,
+        node_exporter: &T,
+    ) -> Result<Outcome, InterpretError> {
+        info!(
+            "Making sure node exporter is initiailized: {:?}",
+            node_exporter.ensure_initialized().await?
+        );
+
+        info!("Applying Node Exporter configuration");
+
+        node_exporter.commit_config().await?;
+
+        info!("Reloading and restarting Node Exporter");
+
+        node_exporter.reload_restart().await?;
+
+        Ok(Outcome::success(format!(
+            "NodeExporter successfully configured"
+        )))
+    }
+
+    fn get_name(&self) -> InterpretName {
+        InterpretName::Custom("NodeExporter")
+    }
+
+    fn get_version(&self) -> Version {
+        todo!()
+    }
+
+    fn get_status(&self) -> InterpretStatus {
+        todo!()
+    }
+
+    fn get_children(&self) -> Vec<Id> {
+        todo!()
+    }
+}

opnsense-config-xml/src/data/opnsense.rs

@@ -433,7 +433,7 @@ pub struct OPNsenseXmlSection {
     #[yaserde(rename = "Interfaces")]
     pub interfaces: Option<ConfigInterfaces>,
     #[yaserde(rename = "NodeExporter")]
-    pub node_exporter: Option<RawXml>,
+    pub node_exporter: Option<NodeExporter>,
     #[yaserde(rename = "Kea")]
     pub kea: Option<RawXml>,
     pub monit: Option<Monit>,
@@ -1595,3 +1595,21 @@ pub struct Ifgroups {
     #[yaserde(attribute = true)]
     pub version: String,
 }
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct NodeExporter {
+    pub enabled: u8,
+    pub listenaddress: Option<MaybeString>,
+    pub listenport: u16,
+    pub cpu: u8,
+    pub exec: u8,
+    pub filesystem: u8,
+    pub loadavg: u8,
+    pub meminfo: u8,
+    pub netdev: u8,
+    pub time: u8,
+    pub devstat: u8,
+    pub interrupts: u8,
+    pub ntp: u8,
+    pub zfs: u8,
+}

opnsense-config/src/config/config.rs

@@ -5,7 +5,8 @@ use crate::{
     error::Error,
     modules::{
         caddy::CaddyConfig, dhcp_legacy::DhcpConfigLegacyISC, dns::UnboundDnsConfig,
-        dnsmasq::DhcpConfigDnsMasq, load_balancer::LoadBalancerConfig, tftp::TftpConfig,
+        dnsmasq::DhcpConfigDnsMasq, load_balancer::LoadBalancerConfig,
+        node_exporter::NodeExporterConfig, tftp::TftpConfig,
     },
 };
 use log::{debug, info, trace, warn};
@@ -71,6 +72,10 @@ impl Config {
         LoadBalancerConfig::new(&mut self.opnsense, self.shell.clone())
     }
 
+    pub fn node_exporter(&mut self) -> NodeExporterConfig<'_> {
+        NodeExporterConfig::new(&mut self.opnsense, self.shell.clone())
+    }
+
     pub async fn upload_files(&self, source: &str, destination: &str) -> Result<String, Error> {
         self.shell.upload_folder(source, destination).await
     }

opnsense-config/src/modules/mod.rs

@@ -4,4 +4,5 @@ pub mod dhcp_legacy;
 pub mod dns;
 pub mod dnsmasq;
 pub mod load_balancer;
+pub mod node_exporter;
 pub mod tftp;

opnsense-config/src/modules/node_exporter.rs

@@ -0,0 +1,54 @@
+use std::sync::Arc;
+
+use opnsense_config_xml::{NodeExporter, OPNsense};
+
+use crate::{config::OPNsenseShell, Error};
+
+pub struct NodeExporterConfig<'a> {
+    opnsense: &'a mut OPNsense,
+    opnsense_shell: Arc<dyn OPNsenseShell>,
+}
+
+impl<'a> NodeExporterConfig<'a> {
+    pub fn new(opnsense: &'a mut OPNsense, opnsense_shell: Arc<dyn OPNsenseShell>) -> Self {
+        Self {
+            opnsense,
+            opnsense_shell,
+        }
+    }
+
+    pub fn get_full_config(&self) -> &Option<NodeExporter> {
+        &self.opnsense.opnsense.node_exporter
+    }
+
+    fn with_node_exporter<F, R>(&mut self, f: F) -> Result<R, &'static str>
+    where
+        F: FnOnce(&mut NodeExporter) -> R,
+    {
+        match &mut self.opnsense.opnsense.node_exporter.as_mut() {
+            Some(node_exporter) => Ok(f(node_exporter)),
+            None => Err("node exporter is not yet installed"),
+        }
+    }
+
+    pub fn enable(&mut self, enabled: bool) -> Result<(), &'static str> {
+        self.with_node_exporter(|node_exporter| node_exporter.enabled = enabled as u8)
+            .map(|_| ())
+    }
+
+    pub async fn reload_restart(&self) -> Result<(), Error> {
+        self.opnsense_shell
+            .exec("configctl node_exporter stop")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl template reload OPNsense/NodeExporter")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl node_exporter configtest")
+            .await?;
+        self.opnsense_shell
+            .exec("configctl node_exporter start")
+            .await?;
+        Ok(())
+    }
+}