1 {%- from "influxdb/map.jinja" import server with context %}
2 {%- if server.enabled %}
6 - names: {{ server.pkgs }}
10 - name: /etc/influxdb/influxdb.conf
11 - source: salt://influxdb/files/influxdb.conf
14 - pkg: influxdb_packages
18 - name: /etc/default/influxdb
19 - source: salt://influxdb/files/default
22 - pkg: influxdb_packages
27 - name: {{ server.service }}
28 # This delay is needed before being able to send data to server to create
29 # users and databases.
32 - file: influxdb_config
33 - file: influxdb_default
35 {% set url_for_query = "http://{}:{}/query".format(server.http.bind.address, server.http.bind.port) %}
36 {% set admin_created = false %}
38 {%- if server.admin.get('user', {}).get('enabled', false) %}
39 {% set query_create_admin = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}' WITH ALL PRIVILEGES\"".format(server.admin.user.name, server.admin.user.password) %}
40 {% set admin_url = "http://{}:{}/query?u={}&p={}".format(server.http.bind.address, server.http.bind.port, server.admin.user.name, server.admin.user.password) %}
41 influxdb_create_admin:
43 - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_admin }} || curl -f -S -POST "{{ admin_url }}" {{ query_create_admin }}
45 - service: influxdb_service
46 {% set url_for_query = admin_url %}
47 {% set admin_created = true %}
50 # An admin must exist before creating others users
51 {%- if admin_created %}
52 {%- for user_name, user in server.get('user', {}).iteritems() %}
53 {%- if user.get('enabled', false) %}
54 {%- if user.get('admin', false) %}
55 {% set query_create_user = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}' WITH ALL PRIVILEGES\"".format(user.name, user.password) %}
57 {% set query_create_user = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}'\"".format(user.name, user.password) %}
59 influxdb_create_user_{{user.name}}:
61 - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_user }}
63 - cmd: influxdb_create_admin
64 # TODO: manage user deletion
69 {%- for db_name, db in server.get('database', {}).iteritems() %}
70 {%- if db.get('enabled', false) %}
71 {% set query_create_db = "--data-urlencode \"q=CREATE DATABASE {}\"".format(db.name) %}
72 influxdb_create_db_{{db.name}}:
74 - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_db }}
75 {%- if admin_created %}
77 - cmd: influxdb_create_admin
79 # TODO: manage database deletion
83 # An admin must exist to manage grants, otherwise there is no user.
84 {%- if admin_created %}
85 {%- for grant_name, grant in server.get('grant', {}).iteritems() %}
86 {%- if grant.get('enabled', false) %}
87 {% set query_grant_user_access = "--data-urlencode \"q=GRANT {} ON {} TO {}\"".format(grant.privilege, grant.database, grant.user) %}
88 influxdb_grant_{{grant_name}}:
90 - name: curl -f -S -POST "{{ url_for_query }}" {{ query_grant_user_access }}
92 - cmd: influxdb_create_db_{{grant.database}}
93 - cmd: influxdb_create_user_{{grant.user}}
94 - cmd: influxdb_create_admin
95 # TODO: manage grant deletion (if needed)