From 4446e8fd1693e0f35670c85140fd1de9c6de04ca Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 6 Oct 2020 12:52:20 +0200 Subject: [PATCH] collectd: extend network uci plugin The network plugin from collectd also has the option to encrypt the metrics when sending them to another server. Until now, this was not possible via the UCI. This commit adds that feature. Signed-off-by: Florian Eckert --- utils/collectd/files/collectd.init | 86 ++++++++++++++++++++++++++++-- 1 file changed, 83 insertions(+), 3 deletions(-) diff --git a/utils/collectd/files/collectd.init b/utils/collectd/files/collectd.init index 05e21e109f..e372e70f21 100644 --- a/utils/collectd/files/collectd.init +++ b/utils/collectd/files/collectd.init @@ -153,11 +153,58 @@ process_network() { printf "\n\n" >> "$COLLECTD_CONF" } +process_network_server() { + local cfg="$1" + local SecurityLevel="$2" + + local Username Password ResolveInterval + + config_get Username "$cfg" Username + [ -z "$Username" ] && { + $LOG notice "SecurityLevel set to '$SecurityLevel' but no option Username found in config '$cfg'" + return 1 + } + printf "\\t\\tUsername \"%s\"\n" "${Username}" >> "$COLLECTD_CONF" + + config_get Password "$cfg" Password + [ -z "$Password" ] && { + $LOG notice "SecurityLevel set to '$SecurityLevel' but no option Password found in config '$cfg'" + return 2 + } + printf "\\t\\tPassword \"%s\"\n" "${Password}" >> "$COLLECTD_CONF" + + config_get ResolveInterval "$cfg" ResolveInterval + [ -z "$ResolveInterval" ] || { + printf "\\t\\tResolveInterval \"%s\"\n" "${ResolveInterval}" >> "$COLLECTD_CONF" + } +} + +process_network_listen() { + local cfg="$1" + + local auth_file="/tmp/collectd-auth-${cfg}.conf" + local auth_set + + rm -rf "${auth_file}" + add_auth() { + echo "$1" >> "${auth_file}" + auth_set=1 + } + config_list_foreach "$cfg" auth add_auth + + [ -z "$auth_set" ] && { + $LOG notice "SecurityLevel set to '$SecurityLevel' but no list option auth found in config '$cfg'" + return 1 + } + + printf "\\t\\tAuthFile \"%s\"\n" "${auth_file}" >> "$COLLECTD_CONF" +} + process_network_sections() { local cfg="$1" local section="$2" - local host port output + local host port output rvalue SecurityLevel Interface config_get host "$cfg" host [ -z "$host" ] && { @@ -173,9 +220,42 @@ process_network_sections() { config_get port "$cfg" port if [ -z "$port" ]; then - printf "\\t%s\n" "${output}" >> "$COLLECTD_CONF" + printf "\\t<%s>\n" "${output}" >> "$COLLECTD_CONF" + else + printf "\\t<%s \"%s\">\n" "${output}" "${port}" >> "$COLLECTD_CONF" + fi + + config_get SecurityLevel "$cfg" SecurityLevel 'None' + [ -z "$SecurityLevel" ] || { + printf "\\t\\tSecurityLevel \"%s\"\n" "${SecurityLevel}" >> "$COLLECTD_CONF" + } + + if [ "$SecurityLevel" != "None" ]; then + case "$section" in + server) + process_network_server "$cfg" "$SecurityLevel" + rvalue="$?" + [ "$rvalue" != 0 ] && return 0 + ;; + listen) + process_network_listen "$cfg" "$SecurityLevel" + rvalue="$?" + [ "$rvalue" != 0 ] && return 0 + ;; + esac + else + $LOG notice "SecurityLevel set to 'None' for '$cfg'" + fi + + config_get Interface "$cfg" Interface + [ -z "$Interface" ] || { + printf "\\t\\tInterface \"%s\"\n" "${Interface}" >> "$COLLECTD_CONF" + } + + if [ "$section" = "server" ]; then + printf "\\t\n" >> "$COLLECTD_CONF" else - printf "\\t%s \"%s\"\n" "${output}" "${port}" >> "$COLLECTD_CONF" + printf "\\t\n" >> "$COLLECTD_CONF" fi } -- 2.30.2