From: Gunnar Beutner Date: Thu, 22 Oct 2015 13:56:27 +0000 (+0200) Subject: Clean up the 'api setup' command X-Git-Tag: v2.4.0~156 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f31837a6ba2e37a47a957f1eebfe3f55da8f9a75;p=icinga2 Clean up the 'api setup' command refs #9471 --- diff --git a/lib/cli/apisetupcommand.cpp b/lib/cli/apisetupcommand.cpp index c2bb65cae..15a92da05 100644 --- a/lib/cli/apisetupcommand.cpp +++ b/lib/cli/apisetupcommand.cpp @@ -55,21 +55,10 @@ int ApiSetupCommand::GetMaxArguments(void) const */ int ApiSetupCommand::Run(const boost::program_options::variables_map& vm, const std::vector& ap) const { - /* 1. generate CA & signed certificate - * 2. update password inside api-users.conf for the "root" user - * TODO: - * - setup the api on a client? - */ - - int result = ApiSetupUtility::SetupMaster(Utility::GetFQDN()); - - if (result > 0) { - Log(LogCritical, "ApiSetup", "Error occured. Bailing out."); - return result; - } + if (!ApiSetupUtility::SetupMaster(Utility::GetFQDN())) + return 1; std::cout << "Done.\n\n"; - std::cout << "Now restart your Icinga 2 daemon to finish the installation!\n\n"; return 0; diff --git a/lib/cli/apisetuputility.cpp b/lib/cli/apisetuputility.cpp index e231fcef0..e9f53ae46 100644 --- a/lib/cli/apisetuputility.cpp +++ b/lib/cli/apisetuputility.cpp @@ -43,33 +43,36 @@ String ApiSetupUtility::GetConfdPath(void) return Application::GetSysconfDir() + "/icinga2/conf.d"; } -int ApiSetupUtility::SetupMaster(const String& cn) +bool ApiSetupUtility::SetupMaster(const String& cn) { /* if the 'api' feature is enabled we can safely assume * that either 'api setup' was run, or the user manually * enabled the api including all certificates e.g. by 'node wizard' in <= v2.3.x */ if (FeatureUtility::CheckFeatureEnabled("api")) { - Log(LogInformation, "cli") - << "'api' feature already enabled, skipping feature enable and master certificate creation.\n"; - return 0; + Log(LogInformation, "cli", "'api' feature already enabled, skipping feature enable and master certificate creation."); + return false; } - SetupMasterCertificates(cn); - SetupMasterApiUser(cn); - SetupMasterEnableApi(cn); + if (!SetupMasterCertificates(cn)) + return false; - return 0; + if (!SetupMasterApiUser()) + return false; + + if (!SetupMasterEnableApi()) + return false; + + return true; } -int ApiSetupUtility::SetupMasterCertificates(const String& cn) +bool ApiSetupUtility::SetupMasterCertificates(const String& cn) { Log(LogInformation, "cli") << "Generating new CA.\n"; - if (PkiUtility::NewCa() > 0) { + if (PkiUtility::NewCa() > 0) Log(LogWarning, "cli", "Found CA, skipping and using the existing one."); - } String pki_path = PkiUtility::GetPkiPath(); Utility::MkDirP(pki_path, 0700); @@ -95,7 +98,7 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn) if (PkiUtility::NewCert(cn, key, csr, "") > 0) { Log(LogCritical, "cli", "Failed to create certificate signing request."); - return 1; + return false; } /* Sign the CSR with the CA key */ @@ -109,11 +112,10 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn) if (PkiUtility::SignCsr(csr, cert) != 0) { Log(LogCritical, "cli", "Could not sign CSR."); - return 1; + return false; } - /* Copy CA certificate to /etc/icinga2/pki */ - + /* Copy CA certificate to /etc/icinga2/pki */ String ca_path = PkiUtility::GetLocalCaPath(); String ca = ca_path + "/ca.crt"; String ca_key = ca_path + "/ca.key"; @@ -147,12 +149,12 @@ int ApiSetupUtility::SetupMasterCertificates(const String& cn) } } - return 0; + return true; } -int ApiSetupUtility::SetupMasterApiUser(const String& cn) +bool ApiSetupUtility::SetupMasterApiUser(void) { - String api_username = "root"; //TODO make this available as cli parameter? + String api_username = "root"; // TODO make this available as cli parameter? String api_password = RandomString(8); String apiuserspath = GetConfdPath() + "/api-users.conf"; @@ -189,16 +191,16 @@ int ApiSetupUtility::SetupMasterApiUser(const String& cn) << boost::errinfo_file_name(apiuserspathtmp)); } - return 0; + return true; } -int ApiSetupUtility::SetupMasterEnableApi(const String& cn) +bool ApiSetupUtility::SetupMasterEnableApi(void) { Log(LogInformation, "cli", "Enabling the ApiListener feature.\n"); - std::vector enable; - enable.push_back("api"); - FeatureUtility::EnableFeatures(enable); + std::vector features; + features.push_back("api"); + FeatureUtility::EnableFeatures(features); - return 0; + return true; } diff --git a/lib/cli/apisetuputility.hpp b/lib/cli/apisetuputility.hpp index b6c36c2a6..730bc7979 100644 --- a/lib/cli/apisetuputility.hpp +++ b/lib/cli/apisetuputility.hpp @@ -37,11 +37,11 @@ namespace icinga class I2_CLI_API ApiSetupUtility { public: - static int SetupMaster(const String& cn); + static bool SetupMaster(const String& cn); - static int SetupMasterCertificates(const String& cn); - static int SetupMasterApiUser(const String& cn); - static int SetupMasterEnableApi(const String& cn); + static bool SetupMasterCertificates(const String& cn); + static bool SetupMasterApiUser(void); + static bool SetupMasterEnableApi(void); static String GetConfdPath(void); diff --git a/lib/cli/nodesetupcommand.cpp b/lib/cli/nodesetupcommand.cpp index 807f6fb2d..90f00f1e5 100644 --- a/lib/cli/nodesetupcommand.cpp +++ b/lib/cli/nodesetupcommand.cpp @@ -145,10 +145,10 @@ int NodeSetupCommand::SetupMaster(const boost::program_options::variables_map& v } Log(LogInformation, "cli", "Generating master configuration for Icinga 2."); - ApiSetupUtility::SetupMasterApiUser(cn); + ApiSetupUtility::SetupMasterApiUser(); if (!FeatureUtility::CheckFeatureEnabled("api")) { - ApiSetupUtility::SetupMasterEnableApi(cn); + ApiSetupUtility::SetupMasterEnableApi(); } else { Log(LogInformation, "cli") << "'api' feature already enabled.\n"; diff --git a/lib/cli/nodewizardcommand.cpp b/lib/cli/nodewizardcommand.cpp index 1a523b0cb..2d9af6307 100644 --- a/lib/cli/nodewizardcommand.cpp +++ b/lib/cli/nodewizardcommand.cpp @@ -464,10 +464,10 @@ wizard_ticket: } std::cout << ConsoleColorTag(Console_Bold) << "Generating master configuration for Icinga 2.\n" << ConsoleColorTag(Console_Normal); - ApiSetupUtility::SetupMasterApiUser(cn); + ApiSetupUtility::SetupMasterApiUser(); if (!FeatureUtility::CheckFeatureEnabled("api")) - ApiSetupUtility::SetupMasterEnableApi(cn); + ApiSetupUtility::SetupMasterEnableApi(); else std::cout << "'api' feature already enabled.\n";