add files control - https://gitlab.confdroid.com/internal/confdroid_management/-/issues/260

.vscode/settings.json

@@ -1,5 +1,6 @@
 {
     "cSpell.words": [
+        "changeme",
         "reqpackage",
         "rpms",
         "sslcacert",

manifests/main/files.pp

@@ -6,4 +6,16 @@
 class prometheus_cd::main::files (
 ) inherits prometheus_cd::params {
   require prometheus_cd::main::dirs
+  file { $ps_main_file:
+    ensure   => file,
+    owner    => 'root',
+    group    => 'root',
+    mode     => '0644',
+    selrange => s0,
+    selrole  => object_r,
+    seltype  => etc_t,
+    seluser  => system_u,
+    content  => template('prometheus_cd/prometheus.yml.erb'),
+    notify   => Service[ps_prom_service],
+  }
 }

manifests/main/service.pp

@@ -8,7 +8,7 @@ class prometheus_cd::main::service (
   require prometheus_cd::main::files
   require prometheus_cd::firewall::iptables
   if  ($ps_prom_host == $fqdn) and ($manage_prometheus == true) {
-    service { 'prometheus':
+    service { $ps_prom_service:
       ensure     => running,
       hasstatus  => true,
       hasrestart => true,
@@ -16,7 +16,7 @@ class prometheus_cd::main::service (
     }
   }
   if $manage_node_exporter == true {
-    service { 'node_exporter':
+    service { $ps_ne_service:
       ensure     => running,
       hasstatus  => true,
       hasrestart => true,

manifests/params.pp

@@ -11,6 +11,8 @@
 # @param [String] ps_prom_host the fqdn of the prometheus server
 # @param [String] ps_fw_prefix the firewall rule prefix
 # @param [String] ps_main_port the firewall main port for prometheus
+# @param [String] ps_auth_user the username for authentication
+# @param [String] ps_auth_user the password for authentication
 ##############################################################################
 class prometheus_cd::params (
 
@@ -29,6 +31,10 @@ class prometheus_cd::params (
   String $ps_fw_prefix          = '50',
   String $ps_main_port          = '9090',
 
+  # auth
+  String $ps_auth_user          = 'changeme',
+  String $ps_auth_pass          = 'changeme',
+
 ) {
   # defaults
   $fqdn                   = $facts['networking']['fqdn']
@@ -39,6 +45,11 @@ class prometheus_cd::params (
   # dirs
   $ps_main_dir            = '/etc/prometheus'
 
+  # files
+
+  # services
+  $ps_prom_service        = 'prometheus'
+  $ps_ne_service          = 'node_exporter'
   # includes must be last
   include prometheus_cd::main::config
 }

templates/prometheus.yml.erb

@@ -25,10 +25,10 @@ scrape_configs:
   - targets:
     - localhost:9090
   basic_auth:
-      username_file: /etc/prometheus/secrets/prometheus-auth/username
+    username: <%= @ps_auth_user %>
-      password_file: /etc/prometheus/secrets/prometheus-auth/password
+    password: <%= @ps_auth_pass %>
 remote_write:
   - url: "http://localhost:9090/api/v1/write"
     basic_auth:
-      username_file: /etc/prometheus/secrets/prometheus-auth/username
+      username: <%= @ps_auth_user %>
-      password_file: /etc/prometheus/secrets/prometheus-auth/password
+      password: <%= @ps_auth_pass %>