OpenBSD support and cleanup (#92)

* preliminary openbsd support

* cleaning up some naming and a debug module usage

* making check gem version always run even when in check mode

* adding sensu log folder for openbsd

* roots group on openbsd is wheel, not root

* actually setting /var/log/sensu as a directory

* we dont need to recurse /etc/sensu/connf.d, which ends up failing idempotency checks anyways

* pinning sensu at a certain version

* actually setting the correct version of sensu

* setting better paths for include statements

* adding missing doublequote

* making the repo URLs a variable

* moving vars to defaults to be overriden later

* moving vars to defaults to be overriden later

* updating yum repo url

* fixing freebsd install URLs

* removing conditional for ssl gen certs

* adding back enterprise handlers

* merge cleanup

* removing recurse

* fixing vars overrides

defaults/main.yml

@@ -7,9 +7,16 @@ se_pass: ''
 
 # Sensu package
 sensu_package: sensu
+sensu_pkg_version:  # This 'none' value allows the var to be overriden in /vars or in group/host_vars
 sensu_enterprise_package: sensu-enterprise
 sensu_enterprise_dashboard_package: sensu-enterprise-dashboard
 
+# Sensu repo urls
+sensu_yum_repo_url: "http://repositories.sensuapp.org/yum/$releasever/$basearch/"
+sensu_apt_repo_url: "deb     http://repositories.sensuapp.org/apt {{ ansible_distribution_release }} main"
+sensu_apt_key_url: "http://repositories.sensuapp.org/apt/pubkey.gpg"
+sensu_freebsd_url: "https://sensu.global.ssl.fastly.net/freebsd/FreeBSD:{{ ansible_distribution_major_version }}:{{ ansible_architecture }}/"
+
 # Sensu service names
 sensu_server_service_name: sensu-server
 sensu_api_service_name: sensu-api

tasks/Amazon/main.yml

@@ -5,17 +5,12 @@
   - include_vars: "{{ ansible_distribution }}.yml"
 
   - name: Ensure the Sensu Core Yum repo is present
-    copy:
-      dest: /etc/yum.repos.d/sensu.repo
-      content: |
-        [sensu]
-        name=sensu
-        baseurl=https://sensu.global.ssl.fastly.net/yum/$releasever/$basearch/
-        gpgcheck=0
-        enabled=1
-      owner: root
-      group: root
-      mode: 0644
+    yum_repository:
+      name: sensu
+      description: The Sensu Core yum repository
+      baseurl: "{{ sensu_yum_repo_url }}"
+      gpgcheck: no
+      enabled: yes
 
   - name: Ensure Sensu is installed
     yum: name={{ sensu_package }} state={{ sensu_pkg_state }}

tasks/CentOS/main.yml

@@ -4,18 +4,18 @@
 
   - include_vars: "{{ ansible_distribution }}.yml"
 
+  - name: Set sensu_pkg_version {{ ansible_distribution }} override
+    set_fact:
+      sensu_pkg_version: "{{ _sensu_pkg_version }}"
+    when: sensu_pkg_version is none
+
   - name: Ensure the Sensu Core Yum repo is present
-    copy:
-      dest: /etc/yum.repos.d/sensu.repo
-      content: |
-        [sensu]
-        name=sensu
-        baseurl=https://sensu.global.ssl.fastly.net/yum/$releasever/$basearch/
-        gpgcheck=0
-        enabled=1
-      owner: root
-      group: root
-      mode: 0644
+    yum_repository:
+      name: sensu
+      description: The Sensu Core yum repository
+      baseurl: "{{ sensu_yum_repo_url }}"
+      gpgcheck: no
+      enabled: yes
 
   - name: Ensure that credential is supplied if installing Sensu Enterprise
     assert:
@@ -54,8 +54,12 @@
     when: se_enterprise
 
   - name: Ensure Sensu is installed
-    yum: name={{ sensu_package }} state={{ sensu_pkg_state }}
+    yum:
+      name: "{{sensu_package }}-{{sensu_pkg_version}}"
+      state: "{{ sensu_pkg_state }}"
 
   - name: Ensure Sensu Enterprise is installed
-    yum: name={{ sensu_enterprise_package }} state={{ sensu_pkg_state }}
+    yum:
+      name={{ sensu_enterprise_package }}
+      state={{ sensu_pkg_state }}
     when: se_enterprise

tasks/Debian/main.yml

@@ -6,12 +6,12 @@
 
   - name: Ensure the Sensu APT repo GPG key is present
     apt_key:
-      url: https://sensu.global.ssl.fastly.net/apt/pubkey.gpg
+      url: "{{ sensu_apt_key_url }}"
       state: present
 
   - name: Ensure the Sensu Core APT repo is present
     apt_repository:
-      repo: "deb     https://sensu.global.ssl.fastly.net/apt {{ ansible_distribution_release }} main"
+      repo: "{{ sensu_apt_repo_url }}"
       state: present
       update_cache: true
 

tasks/FreeBSD/main.yml

@@ -4,6 +4,11 @@
 
   - include_vars: "{{ ansible_distribution }}.yml"
 
+  - name: Set sensu_pkg_version {{ ansible_distribution }} override
+    set_fact:
+      sensu_pkg_version: "{{ _sensu_pkg_version }}"
+    when: sensu_pkg_version is none
+
   - name: Ensure the Sensu group is present
     group: name={{ sensu_group_name }} state=present
 

tasks/OpenBSD/dashboard.yml

@@ -0,0 +1,74 @@
+---
+# tasks/OpenBSD/dashboard.yml: Deployment of the Uchiwa dashboard
+# Specific to OpenBSD
+
+  - include_vars: "{{ ansible_distribution }}.yml"
+
+  - name: Ensure Uchiwa (dashboard) dependencies are installed
+    openbsd_pkg:
+      name: "{{ item }}"
+      state: present
+    with_items:
+      - go
+      - git
+      - npm
+
+  - name: Ensure Uchiwa directory exists
+    file:
+      dest: "{{ uchiwa_path }}"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      recurse: true
+
+  - name: Ensure Uchiwa Go/config directory exists
+    file:
+      dest: "{{ uchiwa_path }}/{{ item }}"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      recurse: true
+    with_items:
+      - etc
+      - go
+
+  - name: Ensure Uchiwa GOPATH exists
+    file:
+      dest: "{{ uchiwa_path }}/go/{{ item }}"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      state: directory
+      recurse: true
+    with_items:
+      - bin
+      - pkg
+      - src
+
+  - name: Fetch Uchiwa from GitHub
+    command: go get github.com/sensu/uchiwa
+    environment:
+      GOPATH: "{{ uchiwa_path }}/go"
+    args:
+      creates: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa"
+    notify: Build and deploy Uchiwa
+    become: true
+    become_user: "{{ sensu_user_name }}"
+
+  - meta: flush_handlers
+
+  - name: Deploy Uchiwa config
+    template:
+      src: uchiwa_config.json.j2
+      dest: "{{ uchiwa_path }}/etc/config.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+    notify: restart uchiwa service
+
+  - name: Deploy Uchiwa service file
+    template:
+      src: uchiwa_openbsd.j2
+      dest: "/usr/local/etc/rc.d/uchiwa"
+      mode: "0755"
+
+  - name: Ensure Uchiwa server service is running
+    service: name=uchiwa state=started enabled=yes

tasks/OpenBSD/main.yml

@@ -0,0 +1,58 @@
+---
+# tasks/OpenBSD/main.yml: OpenBSD specific set-up
+# This takes care of base prerequisites for OpenBSD
+
+  - include_vars: "{{ ansible_distribution }}.yml"
+
+  - name: Ensure the Sensu group is present
+    group: name={{ sensu_group_name }} state=present
+
+  - name: Ensure the Sensu user is present
+    user:
+      name: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      shell: /bin/false
+      home: "{{ sensu_config_path }}"
+      createhome: true
+      state: present
+
+  - name: Install prerequisite packages
+    openbsd_pkg:
+      name: "{{ item }}"
+      state: present
+    with_items:
+      - bash
+      - ruby%2.3
+
+  - name: Get the current version of rubygems
+    shell: /usr/local/bin/gem23 --version
+    check_mode: no
+    register: gem23_version
+    changed_when: False
+
+  - name: Update rubygems to work around rubygems/rubygems/issues/1448
+    shell: /usr/local/bin/gem23 update --system
+    when: "{{ gem23_version.stdout | version_compare('2.5.3', '<') }}"
+
+  - name: Install sensu gem and all of its dependencies
+    gem:
+      name: sensu
+      repository: "{{ sensu_gem_repository | default('https://api.rubygems.org/')}}"
+      user_install: no
+      version: "{{ sensu_gem_version }}"
+      executable: /usr/local/bin/gem23
+
+  - name: Create the sensu log folder
+    file:
+      path: /var/log/sensu
+      owner: root
+      group: wheel
+      state: directory
+
+  - name: Deploy OpenBSD rc script
+    template:
+      src: sensuclient_openbsd.j2
+      dest: /etc/rc.d/sensuclient
+      owner: root
+      group: wheel
+      mode: 0755

tasks/OpenBSD/rabbit.yml

@@ -0,0 +1,10 @@
+---
+# tasks/OpenBSD/rabbit.yml: Deploy RabbitMQ
+# Specific to OpenBSD
+
+  - include_vars: "{{ ansible_distribution }}.yml"
+
+  - name: Ensure RabbitMQ is installed
+    pkgng:
+      name: rabbitmq
+      state: "{{ rabbitmq_pkg_state }}"

tasks/OpenBSD/redis.yml

@@ -0,0 +1,19 @@
+---
+# tasks/OpenBSD/redis.yml: Deploy redis
+# Specific to OpenBSD
+
+  - include_vars: "{{ ansible_distribution }}.yml"
+
+  - name: Ensure redis is installed
+    pkgng:
+      name: "{{ redis_pkg_name }}"
+      state: "{{ redis_pkg_state }}"
+
+  - name: Ensure redis binds to accessible IP
+    lineinfile:
+      dest: /usr/local/etc/redis.conf
+      regexp: '^bind'
+      line: 'bind 0.0.0.0'
+    notify: restart redis service
+
+  - meta: flush_handlers

tasks/Ubuntu/main.yml

@@ -9,12 +9,12 @@
     
   - name: Ensure the Sensu APT repo GPG key is present
     apt_key:
-      url: https://sensu.global.ssl.fastly.net/apt/pubkey.gpg
+      url: "{{ sensu_apt_key_url }}"
       state: present
 
   - name: Ensure the Sensu Core APT repo is present
     apt_repository:
-      repo: "deb     https://sensu.global.ssl.fastly.net/apt {{ ansible_distribution_release }} main"
+      repo: "{{ sensu_apt_repo_url }}"
       state: present
       update_cache: true
 

tasks/client.yml

@@ -11,7 +11,7 @@
       src: "{{ sensu_client_config  }}"
     notify: restart sensu-client service
 
-  - include: SmartOS/client.yml
+  - include: "{{ role_path }}/tasks/SmartOS/client.yml"
     when: ansible_distribution == "SmartOS"
     static: false
 

tasks/common.yml

@@ -7,7 +7,6 @@
     file:
       dest: "{{ sensu_config_path }}/conf.d"
       state: directory
-      recurse: true
       owner: "{{ sensu_user_name }}"
       group: "{{ sensu_group_name }}"
 

tasks/dashboard.yml

@@ -1,6 +1,6 @@
 ---
 # tasks/dashboard.yml: Deployment of the Uchiwa dashboard
-  - include: "{{ ansible_distribution }}/dashboard.yml"
+  - include: "{{ role_path }}/tasks/{{ ansible_distribution }}/dashboard.yml"
 
   - name: Ensure Uchiwa/Sensu Enterprise Dashboard server service is running
     service:

tasks/main.yml

@@ -3,41 +3,41 @@
 
   - include_vars: "{{ ansible_distribution }}.yml"
 
-  - include: "{{ ansible_distribution }}/main.yml"
+  - include: "{{ role_path }}/tasks/{{ ansible_distribution }}/main.yml"
     tags: setup
 
-  - include: redis.yml
+  - include: "{{ role_path }}/tasks/redis.yml"
     tags: redis
     when: redis_server
           and sensu_deploy_redis
     static: false
 
-  - include: ssl.yml
+  - include: "{{ role_path }}/tasks/ssl.yml"
     tags: ssl
 
-  - include: rabbit.yml
+  - include: "{{ role_path }}/tasks/rabbit.yml"
     tags: rabbitmq
     when: rabbitmq_server
           and sensu_deploy_rabbitmq
     static: false
 
-  - include: common.yml
+  - include: "{{ role_path }}/tasks/common.yml"
     tags: common
 
-  - include: server.yml
+  - include: "{{ role_path }}/tasks/server.yml"
     tags: server
     when: sensu_master
     static: false
 
-  - include: dashboard.yml
+  - include: "{{ role_path }}/tasks/dashboard.yml"
     tags: dashboard
     when: sensu_include_dashboard
     static: false
 
-  - include: client.yml
+  - include: "{{ role_path }}/tasks/client.yml"
     tags: client
 
-  - include: plugins.yml
+  - include: "{{ role_path }}/tasks/plugins.yml"
     tags: plugins
     when: sensu_include_plugins
     static: false

tasks/redis.yml

@@ -1,7 +1,7 @@
 ---
 # tasks/redis.yml: Deploy redis
 
-  - include: "{{ ansible_distribution }}/redis.yml"
+  - include: "{{ role_path }}/tasks/{{ ansible_distribution }}/redis.yml"
 
   - name: Ensure redis is running
     service: name={{ redis_service_name }} state=started enabled=true

tasks/server.yml

@@ -11,7 +11,7 @@
       src: sensu-api.json.j2
     notify: restart sensu-api service
 
-  - include: SmartOS/server.yml
+  - include: "{{ role_path }}/tasks/SmartOS/server.yml"
     when: ansible_distribution == "SmartOS"
     static: false
 

tasks/ssl.yml

@@ -9,9 +9,9 @@
       state: directory
       owner: "{{ sensu_user_name }}"
       group: "{{ sensu_group_name }}"
-    when: sensu_ssl_gen_certs and sensu_ssl_manage_certs
+    when: sensu_ssl_manage_certs
 
-  - include: ssl_generate.yml
+  - include: "{{ role_path }}/tasks/ssl_generate.yml"
     when: sensu_ssl_gen_certs
     static: false
 

templates/sensu-freebsd-repo.conf.j2

@@ -1,5 +1,5 @@
 sensu: {
-  url: "https://sensu.global.ssl.fastly.net/freebsd/FreeBSD:{{ ansible_distribution_major_version }}:{{ ansible_architecture }}/",
+  url: "{{ sensu_freebsd_url }}",
   enabled: true,
   mirror_type: "http"
 }

templates/sensuclient_openbsd.j2

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+daemon="/usr/local/bin/sensu-client"
+
+daemon_flags="-b -c {{ sensu_config_path }}/conf.json -d {{ sensu_config_path }}/conf.d -e {{ sensu_config_path }}/extensions -p /var/run/sensu-client.pid -l /var/log/sensu/sensu-client.log -L info"
+
+. /etc/rc.d/rc.subr
+
+rc_reload="NO"
+
+pexp="/usr/local/bin/ruby23 /usr/local/bin/sensu-client.*"
+
+rc_cmd $1

vars/CentOS.yml

@@ -5,3 +5,4 @@
 # Sensu/Uchiwa user/group/service properties
 sensu_user_name: root
 sensu_group_name: root
+_sensu_pkg_version: '0.29.0'

vars/FreeBSD.yml

@@ -4,7 +4,7 @@
 
 # Sensu config/package properties
 sensu_config_path: /usr/local/etc/sensu
-sensu_pkg_version: ~
+_sensu_pkg_version: ~
 
 # RabbitMQ options
 rabbitmq_config_path: /usr/local/etc/rabbitmq

vars/OpenBSD.yml

@@ -0,0 +1,16 @@
+---
+# vars/FreeBSD.yml: Variables for FreeBSD
+# Defaults are defined in vars/default.yml
+
+# Sensu config/package properties
+sensu_config_path: /etc/sensu
+sensu_gem_version: 0.29.0
+sensu_client_service_name: sensuclient
+
+# RabbitMQ options
+rabbitmq_config_path: /etc/rabbitmq
+rabbitmq_service_name: rabbitmq
+
+# Internal settings
+__bash_path: /usr/local/bin/bash
+__root_group: wheel