feat: add option to configure token auth #2

Merged
xoxys merged 1 commits from token-auth into main 2024-01-24 09:10:44 +00:00
4 changed files with 28 additions and 16 deletions
Showing only changes of commit e22ad0234f - Show all commits

View File

@ -12,10 +12,10 @@ pve_sd_virtualenv: /opt/python3/pve_sd
# @var pve_sd_virtualenv_umask: $ "_unset_" # @var pve_sd_virtualenv_umask: $ "_unset_"
# @var pve_sd_virtualenv_umask:example: $ "0022" # @var pve_sd_virtualenv_umask:example: $ "0022"
pve_sd_user: "prometheus_adm" pve_sd_system_user: "prometheus_adm"
pve_sd_user_comment: PVE SD pve_sd_system_user_comment: PVE SD
pve_sd_group: "{{ pve_sd_user }}" pve_sd_system_group: "{{ pve_sd_system_user }}"
pve_sd_extra_groups: [] pve_sd_system_extra_groups: []
# @var pve_sd_interval:description: Interval for the systemd timer. # @var pve_sd_interval:description: Interval for the systemd timer.
pve_sd_interval: "*:0/15" pve_sd_interval: "*:0/15"
@ -28,9 +28,16 @@ pve_sd_output_file: /out/pve.json
pve_sd_exclude_state: [] pve_sd_exclude_state: []
pve_sd_exclude_vmid: [] pve_sd_exclude_vmid: []
pve_sd_exclude_tags: []
pve_sd_service: False pve_sd_service: False
pve_sd_pve_server: pve.example.com pve_sd_pve_server: pve.example.com
pve_sd_pve_user: root pve_sd_pve_user: username@pve
pve_sd_pve_password: secure # @var pve_sd_pve_password:description: >
# If `pve_sd_pve_token_value` is set, the token authentication method is preferred,
# otherwise `pve_sd_pve_password` can be used for authentication with the username and password.
# @end
# @var pve_sd_pve_password:example: $ "secure"
pve_sd_pve_token_name: demo
pve_sd_pve_token_value: xxxx-xxxx-xxxx

View File

@ -1,16 +1,16 @@
--- ---
- block: - block:
- name: Create group '{{ pve_sd_group }}' - name: Create group '{{ pve_sd_system_group }}'
group: group:
name: "{{ pve_sd_group }}" name: "{{ pve_sd_system_group }}"
state: present state: present
- name: Create user '{{ pve_sd_user }}' - name: Create user '{{ pve_sd_system_user }}'
user: user:
comment: "{{ pve_sd_user_comment }}" comment: "{{ pve_sd_system_user_comment }}"
name: "{{ pve_sd_user }}" name: "{{ pve_sd_system_user }}"
group: "{{ pve_sd_group }}" group: "{{ pve_sd_system_group }}"
groups: "{{ pve_sd_extra_groups | join(',') }}" groups: "{{ pve_sd_system_extra_groups | join(',') }}"
- name: Upgrade python dependencies - name: Upgrade python dependencies
pip: pip:

View File

@ -4,14 +4,19 @@ PROMETHEUS_PVE_SD_LOG_LEVEL={{ pve_sd_log_level }}
PROMETHEUS_PVE_SD_LOG_FORMAT={{ pve_sd_log_format }} PROMETHEUS_PVE_SD_LOG_FORMAT={{ pve_sd_log_format }}
PROMETHEUS_PVE_SD_OUTPUT_FILE={{ pve_sd_output_file }} PROMETHEUS_PVE_SD_OUTPUT_FILE={{ pve_sd_output_file }}
PROMETHEUS_PVE_SD_SERVICE={{ pve_sd_service | bool | lower }} PROMETHEUS_PVE_SD_SERVICE={{ pve_sd_service | bool | lower }}
PROMETHEUS_PVE_SD_EXCLUDE_STATE={{ pve_sd_exclude_state | join(",") }} PROMETHEUS_PVE_SD_EXCLUDE_STATE={{ pve_sd_exclude_state | join(",") }}
PROMETHEUS_PVE_SD_EXCLUDE_VMID={{ pve_sd_exclude_vmid | join(",") }} PROMETHEUS_PVE_SD_EXCLUDE_VMID={{ pve_sd_exclude_vmid | join(",") }}
PROMETHEUS_PVE_SD_EXCLUDE_TAGS={{ pve_sd_exclude_tags | join(",") }}
PROMETHEUS_PVE_SD_PVE_SERVER={{ pve_sd_pve_server }} PROMETHEUS_PVE_SD_PVE_SERVER={{ pve_sd_pve_server }}
PROMETHEUS_PVE_SD_PVE_USER={{ pve_sd_pve_user }} PROMETHEUS_PVE_SD_PVE_USER={{ pve_sd_pve_user }}
{% if pve_sd_pve_token_value is defined %}
PROMETHEUS_PVE_SD_PVE_TOKEN_NAME={{ pve_sd_pve_token_name }}
PROMETHEUS_PVE_SD_PVE_TOKEN_VALUE={{ pve_sd_pve_token_value }}
{% else if pve_sd_pve_password is defined %}
PROMETHEUS_PVE_SD_PVE_PASSWORD={{ pve_sd_pve_password }} PROMETHEUS_PVE_SD_PVE_PASSWORD={{ pve_sd_pve_password }}
{% end %}
PROMETHEUS_PVE_SD_PVE_AUTH_TIMEOUT=5 PROMETHEUS_PVE_SD_PVE_AUTH_TIMEOUT=5
PROMETHEUS_PVE_SD_PVE_VERIFY_SSL=true PROMETHEUS_PVE_SD_PVE_VERIFY_SSL=true

View File

@ -9,8 +9,8 @@ After=local-fs.target
[Service] [Service]
Type=oneshot Type=oneshot
EnvironmentFile=/etc/sysconfig/pve_sd EnvironmentFile=/etc/sysconfig/pve_sd
User={{ pve_sd_user }} User={{ pve_sd_system_user }}
Group={{ pve_sd_group }} Group={{ pve_sd_system_user_group }}
WorkingDirectory={{ pve_sd_output_file | dirname }} WorkingDirectory={{ pve_sd_output_file | dirname }}
ExecStart=/usr/local/bin/prometheus-pve-sd ExecStart=/usr/local/bin/prometheus-pve-sd