X-Git-Url: https://gerrit.mcp.mirantis.com/gitweb?p=salt-formulas%2Finfluxdb.git;a=blobdiff_plain;f=influxdb%2Fserver.sls;h=30899fc28775e67db1e1f71244891bd329eb08af;hp=0c310f7f584b413050ff7a115b7b0a6e23569796;hb=1dd422969a205d0730d071fa8bbf6953ebeaff38;hpb=d6fa6abc29b84593006f3b3a340ca74f854abcc7

diff --git a/influxdb/server.sls b/influxdb/server.sls
index 0c310f7..30899fc 100644
--- a/influxdb/server.sls
+++ b/influxdb/server.sls
@@ -1,4 +1,5 @@
 {%- from "influxdb/map.jinja" import server with context %}
+
 {%- if server.enabled %}
 
 influxdb_packages:
@@ -13,11 +14,116 @@ influxdb_config:
   - require:
     - pkg: influxdb_packages
 
+influxdb_default:
+  file.managed:
+  - name: /etc/default/influxdb
+  - source: salt://influxdb/files/default
+  - template: jinja
+  - require:
+    - pkg: influxdb_packages
+
 influxdb_service:
   service.running:
   - enable: true
   - name: {{ server.service }}
+  # This delay is needed before being able to send data to server to create
+  # users and databases.
+  - init_delay: 5
+  {%- if grains.get('noservices') %}
+  - onlyif: /bin/false
+  {%- endif %}
   - watch:
     - file: influxdb_config
+    - file: influxdb_default
+
+{% set url_for_query = "http://{}:{}/query".format(server.http.bind.address, server.http.bind.port) %}
+{% set admin_created = false %}
+
+{%- if server.admin.get('user', {}).get('enabled', False) %}
+  {% set query_create_admin = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}' WITH ALL PRIVILEGES\"".format(server.admin.user.name, server.admin.user.password) %}
+  {% set admin_url = "http://{}:{}/query?u={}&p={}".format(server.http.bind.address, server.http.bind.port, server.admin.user.name, server.admin.user.password) %}
+influxdb_create_admin:
+  cmd.run:
+  - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_admin }} || curl -f -S -POST "{{ admin_url }}" {{ query_create_admin }}
+  - require:
+    - service: influxdb_service
+  {% set url_for_query = admin_url %}
+  {% set admin_created = true %}
+{%- endif %}
+
+# An admin must exist before creating others users
+{%- if admin_created %}
+  {%- for user_name, user in server.get('user', {}).iteritems() %}
+    {%- if user.get('enabled', False) %}
+      {%- if user.get('admin', False) %}
+        {% set query_create_user = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}' WITH ALL PRIVILEGES\"".format(user.name, user.password) %}
+      {%- else %}
+        {% set query_create_user = "--data-urlencode \"q=CREATE USER {} WITH PASSWORD '{}'\"".format(user.name, user.password) %}
+      {%- endif %}
+influxdb_create_user_{{user.name}}:
+  cmd.run:
+    - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_user }}
+    - require:
+      - cmd: influxdb_create_admin
+    # TODO: manage user deletion
+    {%- endif %}
+  {%- endfor %}
+{%- endif %}
+
+{%- for db_name, db in server.get('database', {}).iteritems() %}
+  {%- if db.get('enabled', False) %}
+    {% set query_create_db = "--data-urlencode \"q=CREATE DATABASE {}\"".format(db.name) %}
+influxdb_create_db_{{db.name}}:
+  cmd.run:
+    - name: curl -f -S -POST "{{ url_for_query }}" {{ query_create_db }}
+    {%- if admin_created %}
+    - require:
+      - cmd: influxdb_create_admin
+    {%- endif %}
+  # TODO: manage database deletion
+
+    {% for rp in db.get('retention_policy', []) %}
+    {% set rp_name = rp.get('name', 'autogen') %}
+    {% if rp.get('is_default') %}
+      {% set is_default = 'DEFAULT' %}
+    {% else %}
+      {% set is_default = '' %}
+    {% endif %}
+    {% set duration = rp.get('duration', 'INF') %}
+    {% set replication = rp.get('replication', '1') %}
+    {% if rp.get('shard_duration') %}
+      {% set shard_duration = 'SHARD DURATION {}'.format(rp.shard_duration) %}
+    {% else %}
+      {% set shard_duration = '' %}
+    {% endif %}
+    {% set query_retention_policy = 'RETENTION POLICY {} ON {} DURATION {} REPLICATION {} {} {}'.format(
+        rp_name, db.name, duration, replication, shard_duration, is_default)
+    %}
+influxdb_retention_policy_{{db.name}}_{{ rp_name }}:
+  cmd.run:
+
+    - name: curl -s -S -POST "{{ url_for_query }}" --data-urlencode "q=CREATE {{ query_retention_policy }}"|grep -v "policy already exists" || curl -s -S -POST "{{ url_for_query }}" --data-urlencode "q=ALTER {{ query_retention_policy }}"
+    - require:
+      - cmd: influxdb_create_db_{{db.name}}
+    {%- endfor %}
+  {%- endif %}
+{%- endfor %}
+
+# An admin must exist to manage grants, otherwise there is no user.
+{%- if admin_created %}
+{%- for grant_name, grant in server.get('grant', {}).iteritems() %}
+  {%- if grant.get('enabled', False) %}
+    {% set query_grant_user_access = "--data-urlencode \"q=GRANT {} ON {} TO {}\"".format(grant.privilege, grant.database, grant.user) %}
+influxdb_grant_{{grant_name}}:
+  cmd.run:
+    - name: curl -f -S -POST "{{ url_for_query }}" {{ query_grant_user_access }}
+    - require:
+      - cmd: influxdb_create_db_{{grant.database}}
+      - cmd: influxdb_create_user_{{grant.user}}
+      - cmd: influxdb_create_admin
+    # TODO: manage grant deletion (if needed)
+  {%- endif %}
+{%- endfor %}
+{%- endif %}
 
 {%- endif %}